Managing open source language artifacts in repositories like Artifactory can be like pushing a rock uphill. As soon as you stop, gravity wins. Done with less care, it hinders both innovation and security. We explore the challenges of sourcing secure open source language packages, and share best practices for maintaining and updating them over time that can dramatically decrease your risk and overhead.
This webinar recording covers:
- Current challenges of populating your repositories with secure versions of open source packages, and updating them on a regular basis.
- Introduction to verifiably reproducible builds – a security best practice that is a MUST to counter supply chain threats.
- How teams using repositories like JFrog Artifactory can benefit from these best practices with ActiveState’s Trusted Artifact Subscription.
- A demo of how the process works, from curated catalog to developer machines – all without needing to change the way your developers work.
In short, if open source security is critical to your team, this webinar is for you! Get on the simplified path to trusted artifacts.
Who’s it for: Teams responsible for maintaining repositories, security professionals, and DevOps and DevSecOps professionals.
Shaun Lowry has been building other people’s code for over 25 years. He has been building it for everything from a 3-man startup to multi-billion-dollar enterprises and has seen it break in every conceivable way in a multitude of languages, frameworks and tools. He’s worked on porting other people’s code across a variety of operating systems, developing security software, consulting on security, and writing about security, and now he’s bringing it all together at ActiveState, building a secure software supply chain for open source.