Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Reviewing NuGet Packages Security Using OpenSSF Scorecard

NDC Conferences via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical importance of assessing the security of NuGet packages in software development through this comprehensive conference talk from NDC Oslo 2024. Delve into the challenges of relying on third-party code, which constitutes approximately 80% of most applications, and the potential security risks it poses. Learn about the OpenSSF Scorecard project, an innovative tool designed to simplify the security review process for NuGet packages. Discover how this scorecard system, analogous to nutrition labels on food products, provides valuable insights into a package's security posture. Examine various aspects covered by the OpenSSF Scorecard, including maintenance practices, build workflow safety, and the use of security tools. Investigate additional areas specific to NuGet packages, such as reproducibility, .NET API usage, and codebase security reviews. Gain practical knowledge on how to leverage these tools and insights to make informed decisions about package selection, ultimately enhancing the security of your own applications and supply chain.

Syllabus

Reviewing NuGet Packages security easily using OpenSSF Scorecard - Niels Tanis - NDC Oslo 2024

Taught by

NDC Conferences

Reviews

Start your review of Reviewing NuGet Packages Security Using OpenSSF Scorecard

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.