
Linux Foundation

The Importance of Developer Tooling for Secure Open Source Software

Linux Foundation via YouTube

Overview

Explore the critical role of developer tooling in enhancing open source software security in this 43-minute conference talk by Brian Behlendorf from the Open Source Security Foundation (OpenSSF). Discover how creating effective developer tools can simplify the process of writing secure software and alleviate the burden on maintainers. Learn about research findings from OpenSSF and Linux Foundation highlighting the benefits of improved tooling for maintainers with limited bandwidth for security concerns. Examine examples of valuable tools, including CI pipeline solutions, Sigstore for package signing and verification, and automated vulnerability scans and remediation. Gain insights into the Alpha-Omega Project's "Omega" initiative, which focuses on applying automated security analysis, scoring, and remediation guidance to the "long tail" of open source projects. Explore potential community-driven improvements, such as developing CI tools for easier integration of fuzzers or static analysis tools. Delve into existing initiatives in the security tooling space, discuss ideas for future developments, and learn how to get involved in these crucial projects.

Syllabus

The Importance of Developer Tooling to Make Open Source More Secure by Default - Brian Behlendorf

Taught by

Linux Foundation
