Learn about the Core Infrastructure Initiative's "best practices badge" program for open source software in this informative conference talk. Explore the program's current status, including projects that have received badges, security improvements made to obtain badges, and interesting ways projects have met the criteria. Discover the most commonly missed criteria and efforts to create higher-level badges. Gain insights into the importance of following best practices in open source software development to prevent security vulnerabilities. Understand how the badging program incentivizes projects to implement best practices and helps users identify projects that prioritize security. Hear from Dr. David A. Wheeler, an expert in open source software and secure software development, as he shares his knowledge and experience in leading the CII Best Practices badging effort.
CII Best Practices Badge Program - One Year Later
Overview
Syllabus
Institute for Defense Analyses
IDA Background
IDA CII Best Practices Badge
IDA Criteria
IDA Badge scoring system
IDA Initial announcement
IDA CIl badges are getting adopted!
IDA Some additional badge holders
IDA Sample impacts of Cil badge process
IDA Biggest challenges today for getting a badge
IDA Tests
IDA Vulnerability reporting
IDA HTTPS
IDA Analysis
IDA Know secure development
IDA Documentation
IDA Good news
IDA Higher-level criteria
IDA Some proposed passing+1 criteria
IDA Involved in OSS?
IDA In conclusion: Key URLS
Taught by
Linux Foundation
