Explore 13 real-world threats to open source components and their potential impact on downstream developers in this 51-minute conference talk by Adrian Diglio from Microsoft. Gain insights into the growing importance of open source security, with over 90% of software industry-wide depending on open source components and attacks targeting these components increasing exponentially year over year. Learn how these threats can compromise developer identities and DevOps infrastructure, emphasizing the need for a comprehensive security strategy. Discover how the OpenSSF's Secure Supply Chain Consumption Framework (S2C2F) can assist development teams and organizations in modernizing their DevSecOps practices to mitigate each of the discussed threats.
OSS Supply Chain Threats and Why You Need a Holistic Security Strategy
Overview
Syllabus
OSS Supply Chain Threats and Why You Need a Holistic Security Strategy - Adrian Diglio, Microsoft
Taught by
Linux Foundation
Tags
Related Courses
-
Open Source Software Supply Chain Security - Understanding Threats and Best Practices
-
Five and a Half Actions to Mitigate Software Supply Chain Threats
-
OSS Supply Chain Security: Drowning in Information, While Starving for Wisdom?
-
Nation-State Threats in the Open-Source Software Supply Chain
-
Secure Software Supply Chain Framework (S2C2F) Guide - OpenSSF SIG Meeting
-
Software Supply Chain Security - Transforming Challenges into Improved Open Source Software
