Explore the evolving landscape of open-source software (OSS) utilization in the public sector and its associated security concerns in this 25-minute conference talk by Ross Bryant from Phylum. Gain insights into the challenges of aligning OSS usage with current policies and controls. Learn best practices for complying with recent updates to NIST SSDF and SP 800-161, as well as new directives on Software Bill of Materials (SBOMs) for open-source components in the software supply chain. Examine the fundamental security model of OSS, its components, and evolving attack surface. Understand how threat actors and their Tactics, Techniques, and Procedures (TTPs) have changed within the OSS ecosystem. Discover how current controls need to adapt to address new areas of exposure in open-source software security.
Trusting Your Open-Source Software Supplier
Overview
Syllabus
Trusting Your Open-Source Software Supplier - Ross Bryant, Phylum
Taught by
Linux Foundation
Tags
Related Courses
-
Nation-State Threats in the Open-Source Software Supply Chain
-
Secure Software Development
-
Manage Open Source, Security and SBOMs for Software Projects and Organizations
-
Open Source Software Supply Chain Security - Understanding Threats and Best Practices
-
Is the Internet on Fire? Strategies for Mitigating Open Source Software Vulnerabilities
-
Navigating the Intersection: AI's Role in Shaping the Secure Open Source Software Ecosystem
