Structured Scorecard Results: Tailor Your Own Supply-Chain Security Policies
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the customization capabilities of OpenSSF Scorecard's new feature, Scorecard Structured Results, in this 35-minute conference talk by Adam Korczynski and David Korczynski from Ada Logics. Learn how to tailor supply-chain security policies using more than 50 different software supply chain security heuristics. Discover the internal workings of Scorecard Structured Results, its potential use cases, and practical examples of implementing custom policies with popular policy engines. Gain insights into automating software supply chain security assessments and adapting them to diverse software ecosystems. Understand how this feature allows users to decide which specific vulnerability analysis tools should be used by dependencies to analyze source code, enhancing the overall security of software projects.
Syllabus
Structured Scorecard Results: Tailor Your Own Supply-Chain... - Adam Korczynski & David Korczynski
Taught by
Linux Foundation
Tags
Related Courses
How Do You Trust Your Open Source Software?Security BSides San Francisco via YouTube How to Trust Your Open Source Software Using Scorecards
CNCF [Cloud Native Computing Foundation] via YouTube Adventures in Securing an Open Source Project - From Zero to Hero
Linux Foundation via YouTube Insights from the Cloud Native Security Slam
Linux Foundation via YouTube Exploring the Large Language Models Open-Source Security Landscape
OpenSSF via YouTube