Best Practices for Securely Consuming Open Source in Python
Offered By: EuroPython Conference via YouTube
Course Description
Overview
Explore best practices for securely consuming open source in Python in this 33-minute conference talk from EuroPython 2024. Delve into the Secure Supply Chain Consumption Framework (S2C2F) and its application to Python projects. Learn about implementing core principles and maturity levels of S2C2F, including dependency management with pip, artifact management, SBOMs, signatures, deny rules, forking policies, and automated security updates using Dependabot. Gain practical strategies to enhance the security of open-source consumption in Python development, addressing the growing prevalence of attacks targeting OSS. Walk away with actionable tips to know your OSS, prevent vulnerable package introduction, and maintain robust patch management for more secure Python projects.
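The talk lists exact pinning with pip, artifact hash verification and deny rules among the S2C2F ingest controls. As an added example, not code from the talk or from the S2C2F project, here is a small Python gate that a CI job could run over a requirements file before `pip install --require-hashes`: every requirement must be pinned with `==`, must carry a `--hash=` entry, and must not be on the organisation's deny list. The package names, digests, stand-in wheel bytes and deny list below are constructed for illustration; the `--hash` / `--require-hashes` mechanism is pip's own, and `verify_artifact` reproduces the comparison pip makes when it downloads a file.

```python
"""Added example: an S2C2F-style ingest gate for a pip requirements file.
The sample data is constructed; `pip install --require-hashes` is the real
mechanism whose checks parse_requirements/verify_artifact mirror."""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass, field

# Stand-in "wheels": constructed bytes so the example runs offline.
FAKE_WHEELS = {
    "requests": b"constructed stand-in for requests-2.32.3-py3-none-any.whl",
    "idna": b"constructed stand-in for idna-3.7-py3-none-any.whl",
}


def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed sample lock file: two compliant entries, one floating range,
# one pin without a hash, and one package on the deny list.
SAMPLE_REQUIREMENTS = f"""\
# constructed sample, not a real lock file
--index-url https://pypi.org/simple
requests==2.32.3 \\
    --hash=sha256:{_sha256(FAKE_WHEELS['requests'])}
idna==3.7 --hash=sha256:{_sha256(FAKE_WHEELS['idna'])}
urllib3>=2.0                      # floating range: not reproducible
certifi==2024.7.4                 # pinned but unverifiable
left_pad.py==0.1.0 --hash=sha256:{'0' * 64}
"""
DENY_LIST = {"left-pad-py"}  # hypothetical deny rule for this example


@dataclass
class Requirement:
    name: str                 # PEP 503 normalized project name
    raw_name: str
    operator: str | None      # "==", ">=", ... or None when unversioned
    version: str | None
    hashes: set[tuple[str, str]] = field(default_factory=set)  # (algo, hex digest)


_REQ_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)"  # project name
    r"(?:\[[^\]]*\])?"                                       # optional extras
    r"\s*(?:(?P<op>===|==|~=|!=|<=|>=|<|>)\s*(?P<ver>[^\s;,]+))?"
)
_HASH_RE = re.compile(r"--hash=(?P<algo>[A-Za-z0-9]+):(?P<digest>[0-9a-fA-F]+)")


def normalize_name(name: str) -> str:
    """PEP 503 normalization so deny rules match Left_Pad.py and left-pad-py alike."""
    return re.sub(r"[-_.]+", "-", name).lower()


def _logical_lines(text: str):
    """Join backslash continuations and strip comments, as pip's parser does."""
    buf: list[str] = []
    for line in text.splitlines():
        stripped = line.rstrip()
        if stripped.endswith("\\"):
            buf.append(stripped[:-1])
            continue
        buf.append(stripped)
        joined = re.sub(r"(^|\s)#.*$", "", " ".join(buf)).strip()
        buf = []
        if joined:
            yield joined


def parse_requirements(text: str) -> dict[str, Requirement]:
    reqs: dict[str, Requirement] = {}
    for line in _logical_lines(text):
        if line.startswith("-"):  # pip options (-i, -r, --no-binary, ...), not packages
            continue
        m = _REQ_RE.match(line)
        if not m:
            raise ValueError(f"unparseable requirement: {line!r}")
        req = Requirement(normalize_name(m["name"]), m["name"], m["op"], m["ver"])
        for h in _HASH_RE.finditer(line):
            req.hashes.add((h["algo"].lower(), h["digest"].lower()))
        reqs[req.name] = req
    return reqs


def check_requirements(text: str, deny: set[str]) -> dict[str, list[str]]:
    """Return {normalized name: [reasons]} for every requirement that fails the gate."""
    denied = {normalize_name(d) for d in deny}
    findings: dict[str, list[str]] = {}
    for req in parse_requirements(text).values():
        reasons = []
        if req.name in denied:
            reasons.append("on deny list")
        if req.operator not in ("==", "==="):
            reasons.append("not pinned to an exact version")
        if not req.hashes:
            reasons.append("no --hash (pip --require-hashes would refuse it)")
        if reasons:
            findings[req.name] = reasons
    return findings


def verify_artifact(data: bytes, req: Requirement) -> bool:
    """The comparison pip makes under --require-hashes: the downloaded bytes
    must match one of the pinned digests."""
    return any(hashlib.new(algo, data).hexdigest() == digest for algo, digest in req.hashes)


if __name__ == "__main__":
    for name, reasons in check_requirements(SAMPLE_REQUIREMENTS, DENY_LIST).items():
        print(f"{name}: {'; '.join(reasons)}")
```

Run it as a pre-install step and fail the build when `check_requirements` returns anything; the same three rules are what let `pip install --require-hashes -r requirements.txt` refuse an artifact whose bytes differ from the lock file, whether the cause is a tampered index, a re-uploaded release or a typosquat.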
Syllabus
Best practices for securely consuming open source in Python — Ciara Carey
Taught by
EuroPython Conference
Related Courses
Security Is an Ecosystem - We Can't Be Secure in Isolation
Linux Foundation via YouTube
Improving the Security of a Large Open Source Project One Step at a Time
Linux Foundation via YouTube
Simplifying Coordinating Vulnerabilities and Disclosures in Open Source Projects
Linux Foundation via YouTube
SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube
Implementing OpenSSF Best Practices Badges and Scorecards for Project Security
Linux Foundation via YouTube