Loading…
Edinburgh, Scotland, UK
October 21 & October 25 | Co-Located Events, Tutorials, & Workshops
October 22-24 | Conference
Find out more information for Open Source Summit + Embedded Linux Conference & OpenIoT Summit Europe 2018

Please note that you can view and download presentations on the Open Source Summit and Embedded Linux Conference + OpenIoT Summit slides pages. 
Monday, October 22 • 16:15 - 16:55
Setting up a Security Team for Your Project - Kate Stewart, The Linux Foundation & David Wheeler, Institute for Defense Analyses

Sign up or log in to save this to your schedule and see who's attending!

Tweet Share
Feedback form is now closed.
Great, you've put out your first release for your FLOSS project, but now someone has noticed there may be a problem. Bugs happen, and some of them may even be security vulnerabilities. How do you work with your project members to form a team for handling security concerns and deal with embargoes? This talk will go through some of the best practices as articulated in the CII badging program, that help a team prepare to handle security issues. As well it will overview the steps to become a CVE numbering authority (CNA), able to issue CVE's for your open source project. Zephyr project will be used as a case study to illustrate how these best practices have been applied.
Speakers
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for the Open Compliance programs encompassing the SPDX, FOSSology, OpenChain, as well as other embedded projects. Kate was one of the original founders of SPDX, and is currently the specification lead. Since joining... Read More →
DA

David A. Wheeler

Research Staff Member, IDA
Dr. David A. Wheeler is an expert on developing secure software and on open source software (OSS) development. He wrote the book "Secure Programming HOWTO" on how to develop secure software, and his work on countering malicious tools ("Fully Countering Trusting Trust through Diverse... Read More →

Monday October 22, 2018 16:15 - 16:55
Cromdale Hall A, Level -2
  Open Collaboration Conference

Attendees (127)