Sunday, December 4, 2022

Use "Scorecards" to Check on the Security of Your Open Source Projects


In episode 60 of DevNet Snack Minute, DevNet's Manager of Developer Advocacy, Matt DeNapoli, and I speak with Stephen Augustus, Head of Open Source at Cisco. In this episode we discuss "Scorecard" and how you can use it to improve the security of your open source project.

Scorecard is an automated tool that assesses a number of important security heuristics ("checks") for a software repository. It assigns each check a score from 0 to 10, giving users of open source projects a quick, consistent way to judge the security posture of their dependencies. You can use these scores to:

  • understand specific areas where you can strengthen the security posture of your project
  • make sure your dependencies are in good shape, e.g.,
    • do I have binaries checked into my repository?
    • do I have branch protection configured?
    • do I have CI tests?
    • are we doing code reviews?
  • make informed decisions about accepting risks, evaluating alternative solutions, or working with maintainers to make improvements.
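The checks listed above map directly onto Scorecard's own check names (Binary-Artifacts, Branch-Protection, CI-Tests, Code-Review), and the tool can emit its per-check scores as JSON. The example below is added here to show how a practitioner turns those scores into the "accept the risk or not" decision the last bullet describes: it reads one report, applies a per-check minimum-score policy, and reports which checks fall short. This is illustrative code written for this article, not part of the Scorecard project. The report is a constructed sample whose shape follows the `checks[].name` / `checks[].score` / `checks[].reason` fields of Scorecard's JSON output; the thresholds in POLICY are this example's own choices, not a recommendation from the project. A score of -1 is Scorecard's "inconclusive" value, which the example treats as a failure by default.

```python
import json

# Minimum acceptable score (0-10) per Scorecard check. Check names are
# Scorecard's own; the thresholds are this example's policy (an assumption).
POLICY = {
    "Binary-Artifacts": 10,   # no binaries checked into the repository
    "Branch-Protection": 5,   # at least basic protection on release branches
    "CI-Tests": 8,            # nearly all recent PRs ran CI
    "Code-Review": 7,         # most changes were reviewed before merge
}

# Constructed sample report: field names follow Scorecard's JSON output,
# all values are made up for this example.
SAMPLE_REPORT = json.dumps({
    "date": "2022-12-01",
    "repo": {"name": "github.com/example/some-dependency", "commit": "abc123"},
    "score": 6.4,
    "checks": [
        {"name": "Binary-Artifacts", "score": 10,
         "reason": "no binaries found in the repo", "details": None},
        {"name": "Branch-Protection", "score": 3,
         "reason": "branch protection is not maximal on development and all release branches",
         "details": ["Warn: no status checks found to merge onto branch 'main'"]},
        {"name": "CI-Tests", "score": -1,
         "reason": "no pull request found", "details": None},
        {"name": "Code-Review", "score": 8,
         "reason": "found 2 unreviewed changesets out of 20", "details": None},
    ],
})


def evaluate(report_json, policy=POLICY, inconclusive_fails=True):
    """Apply a per-check policy to one Scorecard JSON report.

    Returns (passed, findings). findings is a list of
    (check_name, score, threshold, reason) for every policy check that is
    absent from the report, scored below its threshold, or inconclusive
    (score -1) when inconclusive_fails is True.
    """
    report = json.loads(report_json)
    by_name = {c["name"]: c for c in report.get("checks", [])}
    findings = []
    for name, threshold in policy.items():
        check = by_name.get(name)
        if check is None:
            # A check we rely on was not run at all: surface it rather than
            # silently passing.
            findings.append((name, None, threshold, "check not present in report"))
            continue
        score = check.get("score", -1)
        if score < 0:
            if inconclusive_fails:
                findings.append((name, score, threshold,
                                 "inconclusive: " + check.get("reason", "")))
            continue
        if score < threshold:
            findings.append((name, score, threshold, check.get("reason", "")))
    return (len(findings) == 0, findings)


def summarize(report_json, policy=POLICY):
    """Return a human-readable verdict string for a report, one line per finding."""
    repo = json.loads(report_json).get("repo", {}).get("name", "<unknown repo>")
    passed, findings = evaluate(report_json, policy)
    lines = ["%s: %s" % (repo, "PASS" if passed else "FAIL")]
    for name, score, threshold, reason in findings:
        shown = "n/a" if score is None else str(score)
        lines.append("  %-18s score=%s (min %d): %s" % (name, shown, threshold, reason))
    return "\n".join(lines)


if __name__ == "__main__":
    print(summarize(SAMPLE_REPORT))
```

In practice the JSON would come from running Scorecard against the dependency's repository with JSON output selected, and the policy would be kept next to the rest of the project's CI configuration so that a change to a threshold is itself reviewed.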

In Stephen's demo and discussion you will see how Scorecard gives you a practical way to check for, and address, security issues within your project.

Learn about the Scorecard tool with Stephen Augustus, Head of Open Source at Cisco.

Check out the Scorecards repo on GitHub

Related resources

We'd love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!

LinkedIn | Twitter @CiscoDevNet | Facebook Developer Video Channel




