YoVDO

Fresh SLSA and GUAC - Understanding Open Source Package Risks and Transparency

Offered By: Linux Foundation via YouTube

Tags

Software Supply Chain Security Courses, Risk Assessment Courses, Software Bill of Materials Courses, SLSA Courses, GUAC Courses

Course Description

Overview

Explore the complexities of open source software supply chain security in this 40-minute conference talk by Michael Lieberman from Kusari and Melissa McKay from JFrog. Delve into the challenges of managing and securing the vast ecosystem of open source repositories and packages. Learn to assess the safety of packages and their dependencies, and understand the risks associated with increasing transitive dependency complexity. Discover how to leverage open source tools, services, specifications, and best practices such as GUAC, SLSA, OSV, SBOMs, S2C2F, deps.dev, and scorecard to track, understand, and make informed decisions about the software you use and depend on. Gain insights into de-risking your use of open source packages and improving transparency in your software supply chain.

Syllabus

Fresh SLSA and GUAC Starts with Knowing Your Ingredients - Michael Lieberman & Melissa McKay


Taught by

Linux Foundation

Related Courses

Ketchup, Mustard, and Relish of Software Supply Chain Security - Panel Discussion
Linux Foundation via YouTube
SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube
Securing Your Supply Chain by Building with FRSCA
Linux Foundation via YouTube
Open Tools for Secure Supply Chains in Kubernetes - From Release Engineering
Linux Foundation via YouTube
Google SLSA and NIST SSDF - Emerging Software Supply Chain Security Best Practices
Linux Foundation via YouTube