Explore automated techniques for assessing the trustworthiness of open source code and communities in this 19-minute conference talk by Jeff Mendoza from Google and Naveen Srinivasan from Endor Labs. Learn about cutting-edge tools and methods for programmatically analyzing software security to help determine which open source projects to trust. Discover how to evaluate your own projects against security best practices and effectively share the results. Gain valuable insights into selecting the most reliable open source solutions from the multitude of options available, enhancing your ability to make informed decisions in open source software adoption and development.
Automated Techniques for Measuring Trustworthiness of Open Source Code and Communities
Overview
Syllabus
Automated Techniques for Measuring Trustworthiness of Open Source Code and Communities
Taught by
Linux Foundation
Tags
Related Courses
-
How to Trust Your Open Source Software Using Scorecards
-
What Makes a Project Critical? Discovering and Evaluating Popular Open Source Software
-
Do You Know the Health of Your OSS Dependencies? Introducing OSSF Scorecard API
-
Expect the Unexpected - How to Choose Reliable Open Source Dependencies
-
Metrics for Engaging with Open Source Communities
-
Hidden Vulnerabilities in Open Source
