Explore the challenges and solutions for securing open source software supply chains in this 27-minute conference talk by James Holland from Citi. Gain insights into the pervasiveness of open source in various technologies, the history of supply chain security, and the evolution of tooling. Learn about the aims and use cases of proposed solutions, and understand the importance of automated tooling, best practices, education, and collaboration in securing open source supply chains. Discover how organizations can support the advancement of open source security through OpenSSF initiatives.
How's Your Supply Chain with Your Insecure OSS Ingestion?
Overview
Syllabus
Intro
Ingestion & Supply Chain
Background (The why)
The History
Evolution & tooling
Solution: Aims
Use Cases
Flows
Taught by
OpenSSF
Related Courses
-
Improving Global Software Supply Chain Security with Alpha-Omega
-
Supply Chain Risk Management with OWASP Dependency-Check
-
What is OpenSSF? - Securing Open Source Software Supply Chains
-
Securing Open Source Software Supply Chain - Continuous Secure Software Ingestion
-
Deep Dive into the OpenSSF Mobilization Plan
-
GitHub Supply Chain Security Using GitGat
