Open Source Cybersecurity: Bug Bashes for Kubernetes Projects

Logo
Presented by

Sal Kimmich, Developer Advocate, Sonatype

About this talk

The landscape of cybersecurity is rapidly changing in the open source world. Traditional, or “Legacy Attacks” used to target code downstream in open source code running in production, but the next generation of attacks is in manufacturing upstream Typo-squatting campaigns, Malicious Code Injection directly at source and Tool Tampering in development stream, all of which pose risks from the biggest corporations to the smallest hobbyist project as we all rely on the same open source ecosystems to do our work. To handle these attacks at scale, we’ve developed open source Bug Bashes, a gamified event where developers compete and collaborate to fix as many bugs as possible in participating open source projects. To date, we’ve had 30+ developers fix over 700 bugs on 9 CNCF projects, and we are expanding this to globally scale - focusing specifically on the Kubernetes ecosystem in the coming months. Join this talk to learn more about how these bug bashes are making the K8 projects you already use more secure, and how you might be able to get involved as a participating project or contributor.
Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (419)
Subscribers (62309)
The Enterprise Architecture channel presents the next generation of Enterprise IT: recognizing the strategic importance of digital transformation and the data center to make companies more nimble and competitive. These presentations will help demanding IT and BizOps professionals achieve flexibility, scalability and performance with reduced risk and complexity.