
Linux Foundation

Supply Chain Armoring: Tools and Techniques for Open Source Projects

Linux Foundation via YouTube

Overview

Explore tools and techniques for armoring open source project supply chains in this 41-minute conference talk by David C Stewart from Intel Corporation. Gain insights into the urgent need for supply chain security, the importance of open source, and the impact of the US Executive Order on critical software. Learn about administratively separate builds, threat modeling, and the SLSA ("salsa") framework for assessing security levels. Discover open source tools for managing dependencies, addressing vulnerabilities, and implementing automation. Understand the dilemmas faced in securing software supply chains and gain valuable knowledge to enhance the security of your open source projects.

Syllabus

Introduction
My perspective
Why is this an urgent issue
Why open source is important
US Executive Order
Timeline
Critical Software
Administratively separate builds
Grumpiness
Analysis
Threat Model
SLSA
Levels
SLSA Map
Open Source Tools
Dependencies
The Dilemma
CVN
Automation
Summary

Taught by

Linux Foundation
