Learn how to effectively handle security vulnerabilities in software projects through this 24-minute Eclipse Foundation talk that walks through the complete vulnerability management process, from initial reporting to resolution. Discover the proper procedures for addressing security issues, understand the concept of CVE (Common Vulnerabilities and Exposures), and explore essential resources including SECURITY.md templates. Master the Eclipse Foundation's latest tools and processes for managing security reports, ensuring your project follows best practices for responsible vulnerability disclosure and remediation.
Handling Security Vulnerabilities in Eclipse Projects - A Guide for Project Maintainers
Eclipse Foundation via YouTube
Overview
Syllabus
Introduction
What is a security issue
Who reports a security issue
What happens when the researcher starts working
How to fix the issue
What is a CV
Resources
Help
Questions
Taught by
Eclipse Foundation
Related Courses
-
Surviving the CVE Firehose: Strategies for Open Source Product Security
-
From CTF to CVE by Joe Gray
-
Simplifying Coordinating Vulnerabilities and Disclosures in Open Source Projects
-
Proactive Network Security Through Vulnerability Management - Gary Miliefsky - Hack in Paris
-
Introduction to cyber security: stay safe online
4.5 -
Improving FOSS Security - Best Practices for Vulnerability Management
