Today's modern software is no longer written, it's assembled. It's time to take a hard look at the new risks posed—and the processes and tools that we'll need in order to keep them in check. This session will highlight new research and real world data on the risks this introduces into the global software supply chain and approaches for adapting current security practices to address it.