Explore essential security practices for open source projects in this informative conference talk from All Things Open 2022. Discover how fuzzing, SBOM, security audits, and SSDLC are utilized by the open source community to maintain robust security. Gain insights into assessing security vulnerabilities and inventory through real-world examples from large-scale open source projects. Learn about the current status of open source security, the importance of code reviews, and the integration of security measures into the software development life cycle. Understand the significance of vulnerability assessment and familiarize yourself with various tools, including the GitHub Code Scanning Tool. Enhance your knowledge of open source security posture assessment and improvement strategies to make informed decisions in securing your projects.
Security Posture Assessment and Improvements for Open Source Projects
Overview
Syllabus
Introduction
Agenda
Current Status of Open Source Security
Assessment of Open Source Security
Open Web Application Security Project
Code Review
Why Security is Important
Adding Security to Software Development Life Cycle
Vulnerability Assessment
Vulnerability Assessment Tools
GitHub Code Scanning Tool
Taught by
All Things Open
Related Courses
-
Designing Robust Information System Security Architectures
-
Managing Audits for Critical Open Source Projects
-
Improving Posture of Critical OSS Projects with Security Audits
-
Manage Open Source, Security and SBOMs for Software Projects and Organizations
-
Infusing Security Into the Application Development Process
-
Managing Audits for Critical Open Source Projects
