Curating and Securing Open Source for GovCloud

Explore a 40-minute conference talk by Sudhindra Rao from JFrog, presented at a Linux Foundation event, on curating and securing open source software for GovCloud environments. Learn about implementing a self-service curation process for developers in air-gapped environments, enhancing developer experience while maintaining strong controls over third-party packages. Discover an automated workflow pipeline that includes preparation, curation, bundling, and loading stages, addressing challenges such as long wait times, manual processes, lack of traceability, and transitive dependencies. Gain insights into improving security measures, including vulnerability scanning and compliance checks, while streamlining the process of integrating open source libraries into secure government cloud environments.

Curating and Securing Open Source for the GovCloud - Sudhindra Rao, JFrog