Tales from the trenches of software supply chain security

Brett Smith, distinguished software developer at AI and data management software and services company SAS, has spent nine of his 13 years with the company focused on software supply chain security, managing DevSecOps and compliance for a 3,000-developer organization. He shares the good, the bad and the ugly of the journey to date, and his outlook for the future.

Featuring: Brett Smith, distinguished software developer, SAS

In today’s episode, we’ll cover…

• Focusing on software artifacts to secure the supply chain
• Getting developer buy-in for cybersecurity
• The role of Executive Order 14028 and the road ahead in compliance
• AI and "security amnesia"

and more!

References:

• Black Hat 2025: Navigating AI and supply chain security
• Software supply chain security tools take on toil for users
• Software supply chain security AI agents take action
• IT pros revise pipelines for software supply chain security

To learn more about software development and platform engineering, check out Search IT Operations.

To watch clips from our podcast, subscribe to our YouTube channel, @EyeOnTech.