Why You Should Care About Open Source Supply Chain Security


PyCon US via YouTube


Classroom Contents


  1. Intro
  2. OPEN SOURCE SUPPLY CHAIN SECURITY (AND WHY YOU SHOULD CARE)
  3. OVERVIEW
  4. AFFECTING OPEN SOURCE ECOSYSTEMS
  5. UNAUTHORIZED CHANGES
  6. COMPROMISED SOURCE REPO
  7. BUILD FROM MODIFIED SOURCE
  8. COMPROMISED BUILD PROCESS
  9. USE COMPROMISED DEPENDENCY
  10. UPLOAD MODIFIED PACKAGE
  11. COMPROMISE PACKAGE REPO
  12. USE COMPROMISED PACKAGE
  13. WHAT QUESTIONS MIGHT WE WANT TO ANSWER?
  14. TERMINOLOGY
  15. SIGSTORE
  16. SLSA EXPLAINED
  17. SLSA 1.0
  18. EVALUATING RISKS
  19. TRANSITIVE DEPENDENCIES
  20. WHAT'S THE LATEST AND GREATEST?
  21. SUPPORT OPEN SOURCE
