Overview
Explore a 46-minute conference talk by Jonathan Leitschuh from the Open Source Security Foundation, presented at a Linux Foundation event. Delve into the challenge of efficiently addressing widespread security vulnerabilities in open-source software (OSS) projects. Learn about innovative approaches to scale vulnerability detection, triage, reporting, and fixing processes across hundreds of thousands of repositories. Discover how tools like GitHub's CodeQL and OpenRewrite can be leveraged to automate bulk pull request generation, providing maintainers with actionable fixes. Gain insights into practical applications of these techniques on real-world OSS projects and understand how to effectively utilize researcher knowledge to maximize vulnerability remediation at scale.
Syllabus
Scaling the Security Researcher to Eliminate OSS Security Vulnerabilities Once... Jonathan Leitschuh
Taught by
Linux Foundation