YoVDO

How Much Do You Trust That Package? Understanding the Software Supply Chain

Offered By: linux.conf.au via YouTube

Tags

linux.conf.au Courses Software Development Courses Python Courses Javascript Courses Electron Courses npm Courses Risk Mitigation Courses Software Supply Chain Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical issue of supply chain security in modern software development through this 16-minute conference talk from linux.conf.au. Delve into the history of the software supply chain, examine recent security incidents involving third-party modules, and understand the risks associated with rapid development practices. Learn about the challenges faced by maintainers, the impact of unmaintained packages, and the potential vulnerabilities in popular ecosystems like npm and PyPI. Discover practical strategies to mitigate risks, including best practices for package management, regular audits, and responsible upgrade procedures. Gain valuable insights to enhance the security of your software projects and better navigate the complex landscape of third-party dependencies.

Syllabus

Intro
The Supply Chain
Unavailability
Defects
Bugs
Package Availability
Lack of Maintenance
Breaking Into Your Code
Python Nation
Colorama
NPM
Ecosystem
Electron
JavaScript
Mitigating Risks
The Dam Maintainer
Upgrades and Updates
Auditing
Summary
Everything


Taught by

linux.conf.au

Related Courses

Software as a Service
University of California, Berkeley via Coursera Software Testing
University of Utah via Udacity The Hardware/Software Interface
University of Washington via Coursera Software Debugging
Saarland University via Udacity Introduction to Systematic Program Design - Part 1
The University of British Columbia via Coursera