Explore the critical process of evaluating open-source component risks through OpenSSF's Scorecard in this informative 42-minute talk presented by Laurent Simon from Google and Naveen Srinivasan from Endor Labs at a Linux Foundation event. Gain valuable insights into the methodology and tools used to assess potential vulnerabilities and security concerns in open-source software, empowering developers and organizations to make informed decisions about the components they integrate into their projects.
Assessing the Risk of Open-source Components Using OpenSSF's Scorecard
Overview
Syllabus
Assessing the Risk of Open-source Components Using OpenSSF's Scorecard
Taught by
Linux Foundation
Tags
Related Courses
-
Do You Know the Health of Your OSS Dependencies? Introducing OSSF Scorecard API
-
How to Trust Your Open Source Software Using Scorecards
-
Inspecting Open Source Software Packages for Security and License Compliance
-
Fortify Your Code: Secure Your Supply Chain with Scorecard
-
Assessing Open Source Software Projects in the Software Supply Chain Security
-
Automated Techniques for Measuring Trustworthiness of Open Source Code and Communities
