Building Secure Open Source Communities From the Ground Up

Explore strategies for building secure open source communities in this 17-minute conference talk from KubeCon + CloudNativeCon Europe 2022. Learn how to implement security best practices, manage dependencies, and conduct vulnerability scanning when bringing together open source projects and contributions. Discover techniques for balancing the workload between Developer Experience teams and open source maintainers to ensure project security. Gain insights on evaluating and implementing open source technologies like Renovate, Trivy, JFrog X-Ray, CodeCov, and Dependabot to empower project maintainers. Understand the process of creating clear, scalable, and impactful policies and documentation to establish a strong foundation for a secure and stable open source community.

Building Secure Open Source Communities From the Ground Up- Kiran 'Rin' Oliver, Camunda