Explore the impact of Log4shell on open source software security in this keynote address. Examine the watershed moment that forced security and IT teams to scramble during the holidays, patching vulnerabilities and identifying affected systems. Learn about the swift government response and the spotlight cast on open source software's ubiquity and security concerns. Discover the significant progress made by the OSS community in prioritizing security post-Log4j, despite limited resources and funding. Gain insights into the frustrations within the OSS community regarding perceptions of its security posture compared to proprietary software. Delve into the current state of OSS security, highlighting recent enhancements and discussing future steps needed to make open source secure by default. Recognize the unique benefits of open source and its potential to improve the security of society's critical infrastructure.
From Log4shell to OpenSSL - Reflections on a Year of Open Source Software Security
Overview
Syllabus
Keynote: From Log4shell to OpenSSL: Reflections on a Year of OSS Security - Dan Lorenc
Taught by
Linux Foundation
Tags
Related Courses
-
Addressing Cybersecurity Challenges in Open Source Software
-
Fighting the Next War - Future Threats to OSS and Software Supply Chain Security
-
Securing Open Source Through Threat Modeling
-
Securing Your Open Source Supply Chain
-
Securing Open Source Software Supply Chain - Continuous Secure Software Ingestion
-
Navigating the Intersection: AI's Role in Shaping the Secure Open Source Software Ecosystem
