Learn about meeting OpenSSF Security Baseline requirements through Minder in this conference talk. Explore how the baseline framework establishes common security standards across open source projects, with requirements matching OpenSSF's project lifecycle and providing increasing protection levels. Discover the range of security measures from repository configuration to security metadata production including SBOMs and SLSA attestations. Get introduced to Minder, an open source platform that monitors repositories, builds, and artifacts to ensure security posture compliance through automated orchestration and remediation. Watch a live demonstration of achieving baseline compliance using Minder's state reconciliation capabilities to match desired security states across resources.
Overview
Syllabus
Ace of Base: Meeting the OpenSSF Security Baseline with Minder - Adolfo GarcÃa Veytia, Stacklok
Taught by
OpenSSF
Related Courses
-
New Foundations of SBOM Are Underway at OpenSSF
-
Secure Kubernetes Supply Chain: Lessons and Tools for Project Releases
-
Secure Your Project with the SIG Release Supply Chain Kit
-
GUAC Verification for Software Supply Chain Security
-
Securing the Software Supply Chain: An In-Depth Exploration of SLSA
-
Building SLSA 3 Conformant Attestors for Artifacts Generated on GitHub
