Overview
Explore the critical aspects of open source supply chains and consumption risk governance in this 43-minute conference talk from Devoxx. Delve into the challenges and benefits of using open source software in organizational supply chains, with a focus on container deployments for enhanced security. Learn how to explain the importance of open source security to your organization, understand the unique security challenges posed by container environments, and discover best practices for deploying secure containers with trust. Gain insights into modern application development, vulnerability management tools, software composition analysis, and the history of Docker. Examine real-world examples such as the Apache Struts vulnerability and the Equifax data breach to understand potential risks and long-term implications of open source software usage. Equip yourself with knowledge to navigate the complex landscape of open source security in today's rapidly evolving technological environment.
Syllabus
Introduction
Author Reports
Modern Applications
How Good is Your Code
Open Source Usage
Distribution
Regulators
Cost of Data Breach
Business Leaders Question Open Source
Open Source Adoption Model
Mediawiki
Vulnerability Management Tools
Software Composition Analysis
Question Everything
Docker History
Image Consistency
Deployment Triggers
Apache Struts
Information Flow
Black Security Advisory
Patched Struts
Exploits
Web Services
Potential Risk
Equifax Story
Vulnerability Disclosure
Long Tail
OpenSSL Example
Solution Requirements
Taught by
Devoxx