Explore the aftermath of the SolarWinds Sunburst hack in this 37-minute keynote presentation from KubeCon + CloudNativeCon Europe 2022. Discover how SolarWinds is leveraging open-source technologies to fortify their supply chain security through Project Trebuchet. Gain insights into the anatomy of supply chain attacks, the challenges faced in implementing robust security measures, and the innovative solutions being developed. Learn about the Golden Rule approach, the Trebuchet development experience, and key components such as provenance, InToto, consensus validation clusters, and vulnerability analysis. Understand the complexities of rebuilding trust and security in the wake of a sophisticated nation-state attack, and explore the potential of CNCF and CDF projects in creating resilient build systems for the future.