Is the Internet on Fire? Strategies for Mitigating Open Source Software Vulnerabilities
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore strategies for mitigating open source software vulnerabilities in this 32-minute conference talk by Andrew Martin from ControlPlane and Michael Lieberman from Kusari. Delve into the current state of open source security, examining why it's no longer trusted by default due to supply chain attacks and vulnerabilities. Discover a range of tools and techniques to defend against these threats, including SBOM analysis, source code examination, open source ingestion techniques, and signing. Learn about assured open source programs, traditional defense-in-depth measures, and emerging security controls. Gain insights into the safety of open source software from GitHub and package managers, the importance of SBOMs throughout the software lifecycle, incident response using open source security tools, and designing systems beyond zero trust for compromise resilience and assumed breach scenarios.
Syllabus
Is the Internet on Fire? Strategies for Mitigating Open Source... Andrew Martin & Michael Lieberman
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube