YoVDO

Understanding Trust and Security Processes in the Open Source Software Ecosystem

Offered By: USENIX Enigma Conference via YouTube

Tags

USENIX Enigma Conference Courses Community Engagement Courses Software Security Courses Software Supply Chain Security Courses

Course Description

Overview

Explore the security challenges and trust processes within the open source software ecosystem in this 16-minute conference talk from USENIX Enigma 2023. Delve into the unique security considerations arising from the openness of the ecosystem, including code submissions from unknown entities, limited resources for review, and the need to vet dependencies. Gain insights from interview studies conducted with open source contributors, companies using open source components, package maintainers, and developers creating reproducible software. Learn about the security and trust processes in the open source supply chain, particularly those not immediately visible at the data level. Discover a collaborative approach to open source research through interviews, and obtain practical advice on improving security in the software supply chain by empowering stakeholders such as maintainers and contributors.

Syllabus

USENIX Enigma 2023 - Understanding Trust & Security Processes in the Open Source Software Ecosystem


Taught by

USENIX Enigma Conference

Related Courses

Hardening Your Soft Software Supply Chain
Pluralsight
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight
Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX
GitHub Supply Chain Security Using GitGat
Linux Foundation via edX
Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube