Explore 13 real-world threats to open source components and their potential impact on downstream developers in this 51-minute conference talk by Adrian Diglio from Microsoft. Gain insights into the growing importance of open source security, with over 90% of software industry-wide depending on open source components and attacks targeting these components increasing exponentially year over year. Learn how these threats can compromise developer identities and DevOps infrastructure, emphasizing the need for a comprehensive security strategy. Discover how the OpenSSF's Secure Supply Chain Consumption Framework (S2C2F) can assist development teams and organizations in modernizing their DevSecOps practices to mitigate each of the discussed threats.
OSS Supply Chain Threats and Why You Need a Holistic Security Strategy
Overview
Syllabus
OSS Supply Chain Threats and Why You Need a Holistic Security Strategy - Adrian Diglio, Microsoft
Taught by
Linux Foundation
Tags
Related Courses
-
We're Not Doomed! How to Successfully Manage Software Supply Chain Security
-
Improving Supply Chain Integrity with OpenSSF Technologies - Panel Discussion
-
Open Source Supply Chain Threat Landscape - A Moving Target
-
Supply Chain Security in the Enterprise
-
Securing Your Supply Chain with an Open Source Ecosystem
-
RSAC 365 Virtual Seminar - Supply Chain Security
