In this episode, we go on a deep dive with Billy Lynch from Chainguard into application and code signing and how it can be used to ensure the supply chain is legitimate. Billy has an impressive background including spending 8 years at Google before joining Chainguard and not only helps us understand how signing can be used in security but also what is the latest developments and technology in this field.

Links:

https://www.chainguard.dev/

https://www.linkedin.com/in/wflynch/

BIO

Billy is a staff software engineer at Chainguard, working on developer tools and securing software supply chains for everyone! He is an active contributor and maintainer to the Sigstore and Tekton projects, and is the creator of Gitsign. Prior to working at Chainguard, Billy worked on several developer tool teams at Google including Cloud Build, Google Code, and Cloud Source Repositories.