Open source library breaches have made one thing clear: malicious actors are weaponizing trust. Recent major malware attacks bypassed detection tools by exploiting the trust gap between verifiable source code and the distributed binaries we all consume from public registries.

This session focuses on understanding what happened and how teams can move forward more safely and productively. We will examine Chainguard Libraries, which provides registries of rebuilt libraries from verifiable source code with improved provenance, SBOM information, and even security backports. Chainguard Libraries helps organizations prevent malware risk without slowing developers down. We'll close with a demo and open Q&A for deeper discussion.