Overview
Explore the critical aspects of open source software security in this 25-minute conference talk from BSidesSF 2023. Delve into the OpenSSF Scorecard, an automated tool that evaluates crucial security heuristics in software dependencies. Learn how the tool assigns scores from 0-10 to various "checks," providing valuable insights into specific areas that require improvement to enhance the overall security posture of open source projects. Gain a deeper understanding of how to assess and trust the open source software you rely on, as presented by experts Naveen Srinivasan and Brian Russell.
Syllabus
BSidesSF 2023 - How do you trust your open source software? (Naveen Srinivasan, Brian Russell)
Taught by
Security BSides San Francisco