Join the TestifySec Community
Engage with our team at conferences, listen to our podcasts, and learn from our talks about supply chain security, compliance automation, and the future of secure software development.
Upcoming Events
Meet the TestifySec team at these upcoming conferences and events.
KubeCon + CloudNativeCon NA 2025
Visit us at booth #S40 to learn about supply chain security and compliance automation. We'll be showcasing the latest features of the TestifySec platform and hosting multiple talks and workshops.
Our Role: Booth Exhibitor & Speaker
Featured Talks & Presentations
Our team regularly speaks at conferences and events about supply chain security, compliance automation, and building secure software.
Enhancing Supply Chain Security with TestifySec
KubeCon + CloudNativeCon Europe
Cole Kennedy
TestifySec
TestifySec unifies developers and cybersecurity teams through zero-trust governance integrated into build pipelines. The platform provides transparency and accountability across the software/AI model generation process by treating build steps as verifiable attestations.
Automating Proof of Compliance with Witness/Archivista
Autodesk & TestifySec Webinar
Cole Kennedy
TestifySec
How Autodesk uses Witness and Archivista to collect compliance evidence automatically. Automating attestation generation eliminates audit bottlenecks and enables continuous compliance.
Compliance, AI, and DevOps in Finance
Open Source in Finance Podcast
Cole Kennedy
TestifySec
Discussion on regulatory compliance in AI and DevOps. Financial institutions must treat AI models as supply-chain artifacts, ensuring that data inputs, training steps, and dependencies are cryptographically attested.
Guardians of the Dataverse: Securing the AI Supply and Data Chain
CloudNativeSecurityCon NA
Frederick Kautz
TestifySec
Drawing on NIST SP 800-204D to extend software supply-chain security to AI/ML and big-data pipelines. Examines how CNCF and OpenSSF projects can shield AI workflows.
AI Training in Kubernetes
KubeCon North America BoF
Frederick Kautz
TestifySec
Birds-of-a-Feather session tackling challenges of running AI training workloads on Kubernetes, including resource control, scheduling, and storage.
Secure Release Processes with in-toto Policy Verification
KubeCon NA
John Kjell
ControlPlane
How flexible in-toto policies can verify attestations for code reviews, SBOM integrity, test results, vulnerability scans, and build provenance.
Trust No System: The Unsettling Reality of Zero Trust
KubeCon NA
Frederick Kautz
TestifySec
Keynote exploring the principles and challenges of implementing zero-trust architectures in cloud-native environments.
Enhancing Open Source Software Integrity
Open Source Summit Seattle
Mikhail Swift
Replicated
Exploring how TestifySec ensures software integrity through attestations and policy enforcement in the open source ecosystem. Discusses provenance, key-management challenges, and integration into development pipelines.
Uncovering the History of Your Software Artifacts
Cloud Native SecurityCon NA
Mikhail Swift
Replicated
Demonstrating how to use Witness (an in-toto implementation) to discover the who, how, and where behind a software artifact. Shows how build steps generate attestations and how to reconstruct provenance graphs.
Demystify Modern Signing: Keys, Certs, and Envelopes
CloudNativeSecurityCon NA
John Kjell
ControlPlane
Practical differences between signing and encryption, introducing tools such as Cosign, Notation, The Update Framework (TUF), and in-toto. Covers emerging identity-based signing using short-lived keys.
A Step Closer to in-Toto'lly Secure: Using in-toto and OPA Gatekeeper
Open Source Summit NA
John Kjell
ControlPlane
End-to-end flow for verifying artifact integrity using in-toto attestations and policy enforcement with OPA Gatekeeper.
The Burden of Security in Software Maintenance
Open at Intel Podcast
John Kjell
ControlPlane
Discussion on the significant burden maintainers face when securing open-source projects. Covers balancing multiple projects with personal life, secure developer identities, and the importance of inclusivity.
Linux xz and the Great Flaws in Open Source
The New Stack Makers Interview
John Kjell
ControlPlane
Commentary on the Linux xz utils backdoor exploit, highlighting how vulnerable open source is to social engineering and the need for maintainer support.
Diversity, Equity, and Inclusion in OpenSSF
SOSS Community Day North America
John Kjell
ControlPlane
Panel discussion on making open-source communities more inclusive and equitable, focusing on DEI initiatives in the OpenSSF community.
Community Resources
Connect with us and stay updated on the latest in supply chain security.
Join the Discussion
Engage with our community on GitHub and contribute to open source projects.
Open Source Projects
Contribute to Witness, Archivista, and other supply chain security tools.
Partner With Us
Join our ecosystem of partners building secure software supply chains.