Overview
Explore the critical issue of open-source pipeline security in this sponsored session featuring Hassam Mian from Anaconda. Delve into primary approaches for securing dependencies, understand the complexities involved, and learn about Conda vulnerabilities. Examine the implications of the Cybersecurity Executive Order and discover concrete steps to fortify your open-source pipeline. Navigate the OpenSource Maturity Curve, identify best practices, and avoid common pitfalls. Investigate dependency trees, public repositories, and the concept of curated repos. Address critical questions surrounding open-source security, and gain insights into Anaconda's public data policies and integration strategies. Learn how to automate security measures and benefit from IndusSecurity consultations to enhance your organization's open-source security posture.
Syllabus
Introduction
Primary approaches
Dependencies
Complexity
Conda
Vulnerabilities
Cybersecurity Executive Order
Steps to Secure Your OpenSource Pipeline
OpenSource Maturity Curve
Best Practices
Pitfalls
Dependency Tree
Public Repo
What Happened
Curated Repo
Critical Questions
Anaconda
Public Data
Policies
Integration
Automate
Indus
Security Consultations
Taught by
Linux Foundation