当前位置:网站首页>Open source and safe "song of ice and fire"
Open source and safe "song of ice and fire"
2022-07-06 17:51:00 【CSDN information】
author | He Miao Coordinating editor | Zhang Hongyue
Produce | CSDN(ID:CSDNnews)
2022 Open a year log4j Cause the global information security earthquake , Governments around the world 、 Non profit foundations 、 Think tanks are paying high attention to the field of open source security :
The China Academy of communications and communications was established “ Open source and security ” department ;
OpenSSF GM Brian Behlendorf Make a statement in the United States Congress ;
Google And other giants invested heavily in safety related , Including bug fixes ;
Open source occupies more of the software supply chain , Enterprises begin to pay attention to SBOM、 Compliance testing, etc .
Such a cutting-edge and important topic , More people should know and pay attention to . therefore , from CSDN The host , Yunda Institute of China Academy of information and communication 、 Kaiyuan society 、 Tengyuan Association jointly supports 《 Open source Roundtable 》 In the eleventh issue, we invited technical experts from Huawei open source management center , The open atom Foundation TOC Member Xu Liang , Guoxue, deputy director of open source and software security department of Yunda Institute of Chinese Academy of communications , Polar fox (GitLab) DevOps Technical preacher 、OpenSSF Ma Jinghe, deputy head of the China working group, jointly discussed open source security issues .
This topic
“ Open source security ” What does it mean in a general sense ?
Why does a small open source vulnerability lead to a very serious open source security problem ?
Open source usually means open , And a high degree of openness will also bring higher risks , How to balance the natural contradiction between open source and security ?
How should enterprises establish their own open source security strategy ?
Share time and address
Time :7 month 5 Japan 19:00-20:30
Broadcast address :https://live.csdn.net/room/csdnnews/fXXyTo5y
platform :CSDN Website 、CSDN Wechat video Number
Sharing guests
Xu Liang Huawei open source management center , The open atom Foundation TOC member
As a member of the open source community, it is close 10 year , Experienced in the open source community “90 after ”, Xu Liang has been involved in the open source community since high school ,2011 It has become Debian Developers of , And repeatedly undertake GSoC Project mentors . Now he is a technical expert of Huawei open source capability center 、 Open atom open source foundation TOC member .
Xue Guo Deputy director of the open source and software security department of the Yunda Institute of the Chinese Academy of the communications
Xue Guo , Deputy director of the open source and software security department of the Yunda Institute of the Chinese Academy of the communications . Mainly engaged in open source 、 Safety related work , At present, he is the director of China Communications Standardization Association TC608 Open source governance 、 Insurance cloud 、 Cloud security 、 Team leader of risk management and other working groups . Lead the preparation ITU standard 《 Cloud computing risk management framework 》, Establish a trusted open source standard system , Lead the preparation 《 Open source ecological white paper 》 And more than ten white papers on open source and security .
Ma Jinghe Polar fox (GitLab) DevOps Technical preacher ,OpenSSF Deputy head of China Working Group
Engaged in research and development (ZTE), Have practiced DevSecOps(IBM), Currently in Jihu (GitLab) do DevOps/DevSecOps Technical sermons . Participate in open source related activities in your spare time , yes LFAPAC Open source preacher ,CDF ambassador,OpenSSF Deputy head of China Working Group .
Tang Xiaoyin ( host )CSDN《 New programmers 》 Managing editor
Tang Xiaoyin ,CSDN《 New programmers 》 Managing editor , Plan as a whole 《 Annual survey report of Chinese developers 》, Editor in chief 《 China AI Application developer Report 》、《 China open source application developer report 》 Series report , primary 《 The programmer 》 Magazine editor , Previous appointment MDCC、CCAI、 Editor in chief of developer conferences such as the open source heroes Association .
Scan QR code to make an appointment for live broadcast
Participate in interaction and win gifts
边栏推荐
- The easycvr platform reports an error "ID cannot be empty" through the interface editing channel. What is the reason?
- 面试突击62:group by 有哪些注意事项?
- MySQL stored procedure
- 远程代码执行渗透测试——B模块测试
- Openharmony developer documentation open source project
- Appium automated test scroll and drag_ and_ Drop slides according to element position
- SQL statement optimization, order by desc speed optimization
- Awk command exercise
- SAP UI5 框架的 manifest.json
- Kali2021 installation and basic configuration
猜你喜欢
[introduction to MySQL] the first sentence · first time in the "database" Mainland
The solution that flutterweb browser cannot be rolled back after refreshing
EasyCVR电子地图中设备播放器loading样式的居中对齐优化
Wordcloud colormap color set and custom colors
Pourquoi Li shufu a - t - il construit son téléphone portable?
Alibaba brand data bank: introduction to the most complete data bank
Optimization of middle alignment of loading style of device player in easycvr electronic map
SQL statement optimization, order by desc speed optimization
【Elastic】Elastic缺少xpack无法创建模板 unknown setting index.lifecycle.name index.lifecycle.rollover_alias
FMT开源自驾仪 | FMT中间件:一种高实时的分布式日志模块Mlog
随机推荐
Pytest learning ----- pytest operation mode and pre post packaging of interface automation testing
Pyspark operator processing spatial data full parsing (4): let's talk about spatial operations first
EasyCVR授权到期页面无法登录,该如何解决?
Flet教程之 13 ListView最常用的滚动控件 基础入门(教程含源码)
Establishment of graphical monitoring grafana
Spark calculation operator and some small details in liunx
[translation] principle analysis of X Window Manager (I)
Nodejs 开发者路线图 2022 零基础学习指南
Interview shock 62: what are the precautions for group by?
TCP connection is more than communicating with TCP protocol
C# NanoFramework 点灯和按键 之 ESP32
Mysqlimport imports data files into the database
历史上的今天:Google 之母出生;同一天诞生的两位图灵奖先驱
遠程代碼執行滲透測試——B模塊測試
《ASP.NET Core 6框架揭秘》样章发布[200页/5章]
The art of Engineering (3): do not rely on each other between functions of code robustness
Automatic operation and maintenance sharp weapon ansible Playbook
Pourquoi Li shufu a - t - il construit son téléphone portable?
编译原理——预测表C语言实现
一体化实时 HTAP 数据库 StoneDB,如何替换 MySQL 并实现近百倍性能提升