Watch a 31-minute conference talk exploring strategies for implementing OpenSSF Scorecard at scale to assess and improve repository security. Learn about various approaches to running, collecting, and interpreting Scorecard results across multiple repositories, including the Scorecard API, Scorecard Action, Scorecard Monitor, and Allstar. Discover how to set up and execute these tools while gaining insights into extracting actionable data from security assessments. Presented by Jeff Mendoza from Kusari and Stephen Augustus from Cisco Systems, the talk provides practical guidance for organizations looking to enhance their security posture across their entire repository portfolio through automated assessment tools and methodologies.
Overview
Syllabus
Scorecard at Scale: Old and New Possibilities for Lifting Securit... Jeff Mendoza & Stephen Augustus
Taught by
OpenSSF