Navigating a Security Audit: Insights, Challenges and Lessons Learned from Temurin JDK
Eclipse Foundation via YouTube
Overview
Learn about the process, challenges, and key insights from an external security audit of the Adoptium project's Temurin JDK supply chain in this 29-minute conference talk. Gain valuable perspective on preparing for and executing security audits, from initial scope definition through post-audit actions. Discover how external auditors validate security processes, mitigate risks, and enhance cybersecurity posture through examination of critical code and software repositories. Follow along with firsthand engineering experiences and practical lessons that illuminate this essential process for maintaining secure software supply chains.
Syllabus
Navigating a security audit, the insights, challenges, experiences and lessons learnt - OCX 2024
Taught by
Eclipse Foundation