Tidelift

Tidelift_Staff

Upstream 2022 | Trust, visible and invisible: Open source supply chains and you

We've all been hearing a lot about software supply chain security, but what does it mean to make open source more secure? Will a software bill of materials, package signatures, and more complex build systems prevent the next LOG4SHELL, HEARTBLEED, or PANTSDOWN?

Speaker: Aeva Black, Open source hacker, Microsoft
