Open Source in Security-Critical Environments

Explore best practices for utilizing open source code in security-critical environments in this 34-minute conference talk from RSA Conference. Gain insights from Jim Zemlin, Executive Director of The Linux Foundation, on the growing impact of open source in critical applications and how communities are addressing security concerns. Discover practical suggestions for DevOps professionals and management to enhance security when using open-source components. Learn about the security implications of incorporating 80-90% open-source code in modern applications, strategies for improving open-source security, and actionable information for implementing open-source security in edge, network, and cloud environments. Delve into topics such as Linux's evolution, accelerating open source development, sustainable project management, and tools like the Core Infrastructure Initiative Census Project and Software Package Data eXchange (SPDX). Gain valuable knowledge on software tracking challenges, fuzzing techniques, reproducible builds, and auditing practices to strengthen your organization's approach to open source security.

RSAConference 2018
Linux has grown into the most important open source project in the world
Linux Evolves Faster Than Ever
Open Source Development is Accelerating
Code Club (Sandwich)
The real question is which projects matter?
How do we make important projects sustainab
CLOUD NATIVE COMPUTING FOUNDATION
Core Infrastructure Initiative Census Project
Current Algorithm
A little love goes a long way
Education
Software Tracking: The Challenge
Software Package Data eXchange
What makes up an SPDX Document?
Learn how open source software flows
Fuzzing
Reproducible Builds
Auditing