YoVDO

Reviewing NuGet Packages Security Using OpenSSF Scorecard

Offered By: NDC Conferences via YouTube

Tags

Software Security Courses Software Development Courses .NET Courses Supply Chain Security Courses Security Assessment Courses NuGet Courses OpenSSF Scorecard Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical importance of assessing the security of NuGet packages in software development through this comprehensive conference talk from NDC Oslo 2024. Delve into the challenges of relying on third-party code, which constitutes approximately 80% of most applications, and the potential security risks it poses. Learn about the OpenSSF Scorecard project, an innovative tool designed to simplify the security review process for NuGet packages. Discover how this scorecard system, analogous to nutrition labels on food products, provides valuable insights into a package's security posture. Examine various aspects covered by the OpenSSF Scorecard, including maintenance practices, build workflow safety, and the use of security tools. Investigate additional areas specific to NuGet packages, such as reproducibility, .NET API usage, and codebase security reviews. Gain practical knowledge on how to leverage these tools and insights to make informed decisions about package selection, ultimately enhancing the security of your own applications and supply chain.

Syllabus

Reviewing NuGet Packages security easily using OpenSSF Scorecard - Niels Tanis - NDC Oslo 2024


Taught by

NDC Conferences

Related Courses

Cyber Security in Manufacturing
University at Buffalo via Coursera
Supply Chain and Operations Management Tips
LinkedIn Learning
Kubernetes Security: Implementing Supply Chain Security
Pluralsight
Implement Cybersecurity Best Practices in Your Organization
Salesforce via Trailhead
ISC2 Certified Secure Software Life-Cycle Professional (CSSLP)
Cybrary