YoVDO

Open Source Dependencies and Maintainers - Risks and Solutions

Offered By: DevSecCon via YouTube

Tags

Risk Management Courses, DevSecOps Courses, Software Security Courses, OpenSSF Courses

Course Description

Overview

Explore the risks and benefits of open source software in this 28-minute DevSecCon talk by Shilpi Bhattacharjee, co-founder of the Cloud Security Podcast. Learn about the Open Source Software Security Mobilization Plan and discover strategies to address security concerns in open source dependencies. Gain insights into implementing effective open source policies, understanding the impact of open source on innovation and potential breaches, and explore key initiatives such as digital signatures, third-party code reviews, and establishing an Open Source Program Office. Delve into the importance of protecting open source projects while leveraging their benefits for organizational growth and innovation.

Syllabus

Intro
What is open source
How to protect open source
Why use open source
Dangers of open source
Blog
Impact
What can you do
OpenSSF
Digital signature of software
Third-party code reviews
SBOM
Open Source Program Office
Wrap Up


Taught by

DevSecCon

Related Courses

DevOps CI/CD Pipeline: Automation from development to deployment
Universidad Anáhuac via edX
DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX
Exploring the Benefits of Continuous Security and Compliance for Cloud Infrastructure
Pluralsight
Integrating Incident Response into DevSecOps
Pluralsight
DevSecOps: Building a Secure Continuous Delivery Pipeline
LinkedIn Learning