Overview
Explore the critical aspects of software security in this 32-minute tutorial focusing on the Struts2 vulnerability. Delve into the evolution of software development practices, from Agile to DevOps, and understand the advantages and risks associated with open source. Examine real-world examples of software supply chain attacks, including the Confluence Server and PipeI Package incidents. Learn about the Biden Executive Order's impact on cybersecurity. Participate in a hands-on workshop to gain practical experience in identifying and addressing vulnerabilities. Discover tools like OS Index for assessing package popularity and security risks across multiple programming languages. Gain insights into integrations and be prepared to tackle questions about modern software security challenges.
Syllabus
Introduction
Why are we building software
Large change in the way we develop
Agile to DevOps
Open Source
Disadvantages of Open Source
Software Supply Chain Attacks
Confluence Server Attack
PipeI Package Attack
Biden Executive Order
Evil Hackers
Workshop Walkthrough
Requirements
Setup
Instructions
OS Index
OS Index Overview
Supported Languages
AHAB
How popular is that package
Integrations
Questions
Taught by
Linux Foundation