Overview
Learn how to assess and mitigate risks in open-source software projects through this lightning talk from OpenSSF. Discover how Scorecard serves as a powerful solution for evaluating the security posture of OSS dependencies, identifying potential vulnerabilities, and implementing supply chain security best practices. Explore real-world applications demonstrating Scorecard's effectiveness in addressing source code problems, compromised source control systems, and build system vulnerabilities. Master practical strategies for strengthening your software supply chain security in just 16 minutes.
Syllabus
Fortify Your Code: Secure Your Supply Chain with Scorecard - Aditya Soni, Forrester
Taught by
OpenSSF