Explore the critical issue of open-source pipeline security in this sponsored session featuring Hassam Mian from Anaconda. Delve into primary approaches for securing dependencies, understand the complexities involved, and learn about Conda vulnerabilities. Examine the implications of the Cybersecurity Executive Order and discover concrete steps to fortify your open-source pipeline. Navigate the OpenSource Maturity Curve, identify best practices, and avoid common pitfalls. Investigate dependency trees, public repositories, and the concept of curated repos. Address critical questions surrounding open-source security, and gain insights into Anaconda's public data policies and integration strategies. Learn how to automate security measures and benefit from IndusSecurity consultations to enhance your organization's open-source security posture.
Rising Threat - Securing Your Open-Source Pipeline
Overview
Syllabus
Introduction
Primary approaches
Dependencies
Complexity
Conda
Vulnerabilities
Cybersecurity Executive Order
Steps to Secure Your OpenSource Pipeline
OpenSource Maturity Curve
Best Practices
Pitfalls
Dependency Tree
Public Repo
What Happened
Curated Repo
Critical Questions
Anaconda
Public Data
Policies
Integration
Automate
Indus
Security Consultations
Taught by
Linux Foundation
Tags
Related Courses
-
Securing Your Open Source Supply Chain
-
Supply Chain Armoring: Tools and Techniques for Open Source Projects
-
Why You Should Care About Open Source Supply Chain Security
-
Securing Your Supply Chain with an Open Source Ecosystem
-
Hidden Vulnerabilities in Open Source
-
Securing Open Source Through Threat Modeling
