Merge pull request #533 from st3penta/EC-1661

st3penta · web-flow · commit 27f65a570937 · 2026-03-12T09:49:23.000+01:00
Add FOSDEM 2026 talk to resources page
diff --git a/website/content/posts/fosdem-2026-talk.md b/website/content/posts/fosdem-2026-talk.md
@@ -0,0 +1,21 @@
+---
+title: "FOSDEM 2026: From Passive Data to Active Defense with Conforma"
+date: 2026-03-11T10:00:00+01:00
+author: "Stefano Pentassuglia"
+---
+
+We're excited to share that Conforma was featured at FOSDEM 2026 in Brussels, one of Europe's premier open-source software conferences. The talk introduced Conforma and demonstrated how to transform supply chain security data into actionable policy enforcement.
+
+<!--more-->
+
+## The Challenge: Data Without Enforcement
+
+Organizations today collect abundant security artifacts: SBOMs, SLSA provenance attestations, vulnerability reports. However, they often lack effective mechanisms to enforce policies against them. Having the data is only half the battle; knowing that your artifacts meet your security requirements is what truly matters.
+
+## Watch the Recording
+
+The full talk is now available on our Resources page, featuring a practical introduction to Conforma with live demonstrations of SBOM and SLSA Provenance policy checks.
+
+**[Watch "From Passive Data to Active Defense: Supply Chain Policy-as-Code with Conforma"](/resources/#from-passive-data-to-active-defense-supply-chain-policy-as-code-with-conforma)**
+
+While you're there, explore our collection of other conference presentations, demos, and educational content about securing software supply chains with Conforma.
diff --git a/website/content/resources/_index.md b/website/content/resources/_index.md
@@ -6,6 +6,32 @@ Whether you're just getting started with supply chain security or looking to dee
 
 These conference presentations, demos, educational videos and articles showcase how organizations are using Conforma to secure their software supply chains.
 
+## From Passive Data to Active Defense: Supply Chain Policy-as-Code with Conforma
+
+**Speaker:** Stefano Pentassuglia, Red Hat  
+**Event:** FOSDEM 2026  
+**Format:** Conference Talk  
+**Link:** [Watch on FOSDEM](https://fosdem.org/2026/schedule/event/UGRZNA-conforma-supply-chain-policy-as-code/)
+
+{{< rawhtml >}}
+<br>
+<video width="560" height="315" controls>
+  <source src="https://video.fosdem.org/2026/ud2208/UGRZNA-conforma-supply-chain-policy-as-code.av1.webm" type="video/webm">
+  <source src="https://video.fosdem.org/2026/ud2208/UGRZNA-conforma-supply-chain-policy-as-code.mp4" type="video/mp4">
+  <track src="https://video.fosdem.org/2026/ud2208/UGRZNA-conforma-supply-chain-policy-as-code.vtt" kind="subtitles" srclang="en" label="English">
+  Your browser does not support the video tag.
+</video>
+<br>
+{{< /rawhtml >}}
+
+An introduction to Conforma that demonstrates transforming supply chain security data into actionable policy enforcement. Organizations often collect abundant security artifacts like SBOMs and SLSA provenance attestations but lack effective mechanisms to enforce policies against them. This talk covers:
+
+- What Conforma is and the problem it solves
+- How security artifacts are evaluated against organizational policies
+- Hands-on demonstration of SBOM Content Hygiene verification and SLSA Provenance policy checks
+
+*Ideal for anyone getting started with Conforma or exploring practical approaches to supply chain policy enforcement.*
+
 ## Enforcing Organization Policies with Enterprise Contract
 
 **Speaker:** Zoran Regvart, Red Hat  
