Scaling the Security Researcher to Eliminate OSS Security Vulnerabilities - Automated Bulk Pull Request Generation

Explore a 46-minute conference talk by Jonathan Leitschuh from the Open Source Security Foundation, presented at a Linux Foundation event. Delve into the challenge of efficiently addressing widespread security vulnerabilities in open-source software (OSS) projects. Learn about innovative approaches to scale vulnerability detection, triage, reporting, and fixing processes across hundreds of thousands of repositories. Discover how tools like GitHub's CodeQL and OpenRewrite can be leveraged to automate bulk pull request generation, providing maintainers with actionable fixes. Gain insights into practical applications of these techniques on real-world OSS projects and understand how to effectively utilize researcher knowledge to maximize vulnerability remediation at scale.