Enregistrement de la présentation "Open Source et Cybersécurité" lors de l'évènement Open Source Expérience 2023, par Nicolas Ruff.
Références, par ordre lexicographique :
https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
https://blog.rubygems.org/2022/08/15/requiring-mfa-on-popular-gems.html
https://bughunters.google.com/
https://cloud.google.com/blog/products/identity-security/google-cloud-assured-open-source-software-service-now-ga
https://cyclonedx.org/
https://deps.dev/
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
https://docs.github.com/en/code-security/code-scanning
https://docs.github.com/fr/code-security/supply-chain-security/understanding-your-software-supply-chain/exporting-a-software-bill-of-materials-for-your-repository
https://en.wikipedia.org/wiki/Web_skimming
https://fr.wikipedia.org/wiki/Cyberattaque_de_2020_contre_les_%C3%89tats-Unis
https://github.blog/2022-07-26-introducing-even-more-security-enhancements-to-npm/
https://github.blog/2023-03-09-raising-the-bar-for-software-security-github-2fa-begins-march-13/
https://github.blog/2023-04-19-introducing-npm-package-provenance/
https://github.com/chainguard-dev/ssc-reading-list
https://github.com/cloudsecurityalliance/gsd-database
https://github.com/github/advisory-database
https://github.com/ossf/allstar
https://guac.sh/
https://in-toto.io/
https://mvsp.dev/
https://news.ycombinator.com/item?id=6520678
https://opensourcesecurityindex.io/
https://openssf.org/
https://ossf.github.io/osv-schema/
https://osv.dev/
https://pbom.dev/
https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code
https://securityscorecards.dev/
https://slsa.dev/
https://snyk.io/fr/
https://sot.mitre.org/
https://spdx.dev/
https://tldrsec.com/p/software-supply-chain-vendor-landscape
https://tldrsec.com/p/supply-chain-security-overview
https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/
https://www.bleepingcomputer.com/news/security/pypi-announces-mandatory-use-of-2fa-for-all-software-publishers/
https://www.chainguard.dev/
https://www.cncf.io/announcements/2021/05/14/cncf-paper-defines-best-practices-for-supply-chain-security/
https://www.enisa.europa.eu/publications/good-practices-for-supply-chain-cybersecurity
https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity
https://www.sigstore.dev/
https://www.vendorsecurityalliance.org/
https://www.wired.com/story/3cx-supply-chain-attack-times-two/
https://www.youtube.com/watch?v=cOEwalxCFhw
Références, par ordre lexicographique :
https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
https://blog.rubygems.org/2022/08/15/requiring-mfa-on-popular-gems.html
https://bughunters.google.com/
https://cloud.google.com/blog/products/identity-security/google-cloud-assured-open-source-software-service-now-ga
https://cyclonedx.org/
https://deps.dev/
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
https://docs.github.com/en/code-security/code-scanning
https://docs.github.com/fr/code-security/supply-chain-security/understanding-your-software-supply-chain/exporting-a-software-bill-of-materials-for-your-repository
https://en.wikipedia.org/wiki/Web_skimming
https://fr.wikipedia.org/wiki/Cyberattaque_de_2020_contre_les_%C3%89tats-Unis
https://github.blog/2022-07-26-introducing-even-more-security-enhancements-to-npm/
https://github.blog/2023-03-09-raising-the-bar-for-software-security-github-2fa-begins-march-13/
https://github.blog/2023-04-19-introducing-npm-package-provenance/
https://github.com/chainguard-dev/ssc-reading-list
https://github.com/cloudsecurityalliance/gsd-database
https://github.com/github/advisory-database
https://github.com/ossf/allstar
https://guac.sh/
https://in-toto.io/
https://mvsp.dev/
https://news.ycombinator.com/item?id=6520678
https://opensourcesecurityindex.io/
https://openssf.org/
https://ossf.github.io/osv-schema/
https://osv.dev/
https://pbom.dev/
https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code
https://securityscorecards.dev/
https://slsa.dev/
https://snyk.io/fr/
https://sot.mitre.org/
https://spdx.dev/
https://tldrsec.com/p/software-supply-chain-vendor-landscape
https://tldrsec.com/p/supply-chain-security-overview
https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/
https://www.bleepingcomputer.com/news/security/pypi-announces-mandatory-use-of-2fa-for-all-software-publishers/
https://www.chainguard.dev/
https://www.cncf.io/announcements/2021/05/14/cncf-paper-defines-best-practices-for-supply-chain-security/
https://www.enisa.europa.eu/publications/good-practices-for-supply-chain-cybersecurity
https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity
https://www.sigstore.dev/
https://www.vendorsecurityalliance.org/
https://www.wired.com/story/3cx-supply-chain-attack-times-two/
https://www.youtube.com/watch?v=cOEwalxCFhw
- Catégories
- E commerce Fournisseurs
Ajouter un commentaire
Up Next
Autoplay
-
31:38
Open Source Platforms and Open Source Community
-
06:20
9 Software Per fare eCommerce, e-commerce Open Source e Closed Source - eCommergy con Fulvio Sarao
-
09:01
Top 10 Best Open Source Ecommerce Platforms
-
1:36:58
L'investigation Open Source avec Maltego
-
03:12
e-commerce Open Source - Démonstration
-
1:30:45
ML ACADÉMIE FORMATION E-COMMERCE EN LIGNE, ENTREPRENDRE, GESTION PAGE, FRELENCE & COACHING WEBINAIRE
-
01:06
DESACTIVER Facebook RENCONTRE, comment mettre en pause son profil ou un compte Facebook Dating
-
13:35
Tuto Complet #3 - Les Projections D'Hosoda (Avec Ichimoku)
-
18:53
Un Business Ultra Rentable à Lancer en Afrique : Gagne 1 750 000 FCFA Par Mois
-
04:35
Guadagna con l'affiliazione Agrieuro
Chargement...
Commentaires