Loading…
← Back to schedule
From 0 to SLSA Level 3: A Practitioner's Field Guide
Thursday June 25, 2026 2:15pm - 3:00pm CEST
Hall K1 (Level -2)
SLSA (Supply-chain Levels for Software Artifacts) promises to secure your software supply chain—but implementing it at enterprise scale is harder than the spec suggests. This talk shares our journey to SLSA Level 3, including the architectural decisions, performance trade-offs, and customer escalations that shaped our approach.

You'll learn:
- Provenance attestation architecture for multi-tenant CI/CD pipelines
- How to integrate SLSA verification without breaking existing workflows
- Real metrics: what SLSA costs in CI minutes and what attacks it actually catches
- Common implementation pitfalls and how to avoid them

Whether you're just starting your SLSA journey or stuck at Level 2, walk away with battle-tested patterns that work at scale.
Speakers
avatar for Mark Mishaev

Mark Mishaev

Senior Engineering Manager, Software Supply Chain Security, Gitlab

Senior Manager of Software Supply Chain Security at GitLab, leading 40+ engineers across Authentication, Authorization, Pipeline Security, and Compliance teams. He drives GitLab's SLSA implementation and security architecture for CI/CD pipelines serving millions of developers.
Wit... Read More →
Thursday June 25, 2026 2:15pm - 3:00pm CEST
Hall K1 (Level -2)
  Deployment and Maintenance

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning Software Privacy Terms
Share Modal

Share this link via

Or copy link