Explore the critical aspects of open source software security in this 25-minute conference talk from BSidesSF 2023. Delve into the OpenSSF Scorecard, an automated tool that evaluates crucial security heuristics in software dependencies. Learn how the tool assigns scores from 0-10 to various "checks," providing valuable insights into specific areas that require improvement to enhance the overall security posture of open source projects. Gain a deeper understanding of how to assess and trust the open source software you rely on, as presented by experts Naveen Srinivasan and Brian Russell.
Overview
Syllabus
BSidesSF 2023 - How do you trust your open source software? (Naveen Srinivasan, Brian Russell)
Taught by
Security BSides San Francisco
Related Courses
-
How to Trust Your Open Source Software Using Scorecards
-
Verifying the Validity of Crowd-Sourced Results in Open Source Security - The Scorecard GitHub Action and Sigstore
-
Build community-driven software projects on GitHub
-
Do You Know the Health of Your OSS Dependencies? Introducing OSSF Scorecard API
-
Assessing Open Source Software Projects in the Software Supply Chain Security
-
Introduction to Open Source Operating Systems - Bachelor's
