Today we sit down with Jason Goetz, Senior Director, Public Sector, Snyk to talk about securing software for the federal government. When most people think of a supply chain, they think of a physical item. For example, a manufacturer in China makes a router and ships it to the United States. The impact of the supply chain has been thoroughly apparent due to COVID disruptions.

However, most software developers today do not start from a blank slate, they start by grabbing code from a code repository and assembling it like Legos. In many situations, they follow agile development precepts and iterate and get feedback, but what happens is that the code is completed without any consideration for a security scan. Inevitably, issues will be found, and the development team must go back to work.

During the interview, Jason Goetz suggests there is a better approach, he calls it, “Shift Left.”