Security Posture Assessment and Improvements for Open Source Projects
Offered By: All Things Open via YouTube
Course Description
Overview
Explore essential security practices for open source projects in this informative conference talk from All Things Open 2022. Discover how fuzzing, SBOM, security audits, and SSDLC are utilized by the open source community to maintain robust security. Gain insights into assessing security vulnerabilities and inventory through real-world examples from large-scale open source projects. Learn about the current status of open source security, the importance of code reviews, and the integration of security measures into the software development life cycle. Understand the significance of vulnerability assessment and familiarize yourself with various tools, including the GitHub Code Scanning Tool. Enhance your knowledge of open source security posture assessment and improvement strategies to make informed decisions in securing your projects.
Syllabus
Introduction
Agenda
Current Status of Open Source Security
Assessment of Open Source Security
Open Web Application Security Project
Code Review
Why Security is Important
Adding Security to Software Development Life Cycle
Vulnerability Assessment
Vulnerability Assessment Tools
GitHub Code Scanning Tool
Taught by
All Things Open
Related Courses
The A's, B's, and Four C's of Testing Cloud-Native ApplicationsLASCON via YouTube A Different Kind of S3 - First Line Security of the Supply Chain
Linux Foundation via YouTube Accountability Taxonomy for AI Software Bill of Materials
Linux Foundation via YouTube Activities in Japan and 10 Streams of OSS Security Mobilization Plan
OpenSSF via YouTube Addressing Security Issues Before Production with Docker Scout
Docker via YouTube