Overview
Learn how to build robust security into open source projects from inception in this 20-minute conference talk by KodeKloud's Abhinav Sharma. Discover practical implementations of industry-tested security tools and automation strategies, including detailed demonstrations of GitHub's CodeQL for vulnerability detection, OpenSSF Scorecard for security best practices assessment, and essential supply chain security frameworks. Master the setup of automated security scanning pipelines that effectively identify vulnerabilities early in development while maintaining high security standards without creating additional developer overhead.
Syllabus
Building a Security-First Open Source Project: Tools and Best Practices - Abhinav Sharma, KodeKloud
Taught by
OpenSSF