Explore the critical issue of artifact poisoning in software supply chains through this 19-minute DevSecCon talk. Discover how malicious actors compromise development artifacts, potentially infecting production applications and end-users. Learn about tactics used for artifact poisoning and effective prevention methods, including the importance of secure artifact signing in CI/CD pipelines. Gain insights into the complexities of implementing robust signing practices, even when using popular tools. Benefit from the expertise of Gal Ofri, a security researcher at Legit Security with a decade of experience in software development and cybersecurity, as he shares valuable knowledge on safeguarding your software supply chain against sophisticated attacks.