FOSDEM 2026: From Passive Data to Active Defense with Conforma

We’re excited to share that Conforma was featured at FOSDEM 2026 in Brussels, one of Europe’s premier open-source software conferences. The talk introduced Conforma and demonstrated how to transform supply chain security data into actionable policy enforcement.

The Challenge: Data Without Enforcement

Organizations today collect abundant security artifacts: SBOMs, SLSA provenance attestations, vulnerability reports. However, they often lack effective mechanisms to enforce policies against them. Having the data is only half the battle; knowing that your artifacts meet your security requirements is what truly matters.

Watch the Recording

The full talk is now available on our Resources page, featuring a practical introduction to Conforma with live demonstrations of SBOM and SLSA Provenance policy checks.

Watch “From Passive Data to Active Defense: Supply Chain Policy-as-Code with Conforma”

While you’re there, explore our collection of other conference presentations, demos, and educational content about securing software supply chains with Conforma.