Learn how to assess and monitor the long-term viability and health of open-source software dependencies in this 35-minute conference talk from the Eclipse Foundation. Explore a novel Risk Assessment Model for evaluating the maturity and sustainability of open source libraries, demonstrated through a practical Kubernetes example. Discover approaches for addressing critical gaps in current practices that often overlook sustainability factors during integration, leading to potential technical debt. Gain valuable insights into managing enterprise-scale deployment risks and improving software supply chain security beyond traditional compliance and vulnerability assessments.
Reducing Risk in Software Supply Chains: A Project Health Perspective with Kubernetes Example
Eclipse Foundation via YouTube
Overview
Syllabus
Reducing risk in software supply chains:A project health perspective with a Kubernetes example-OCX24
Taught by
Eclipse Foundation
Related Courses
-
Supply Chain Risk Management with OWASP Dependency-Check
-
Defining the Limits of Risk in Open Source Supply Chains
-
Policy Compliance with Sigstore - From Signing Software to Validating the Whole Software Supply Chain
-
Exploring a Risk Approach to Software Supply Chain Security
-
Securing the Unseen: Defending Against Open Source Software Supply Chain Attacks
-
Open Source Supply Chain Security for Enterprises
