Open-source supply chain on Azure | Microsoft OSS series

Logo
Presented by

Aaron Whitehouse, Public Cloud GTM Alliances Director, Canonical

About this talk

There has been a Cambrian explosion in open source. We have moved from Linux as a hobby project to it powering aroud half of Public Cloud workloads. Free and open source software is now so mainstream that Microsoft owns GitHub and surveys show 90%+ of enterprise codebases contain open source. For developers and infrastructure builders, open source has accelerated innovation, letting them pull the building blocks for projects instantly at no cost while avoiding the lengthy procurement processes associated with paid software. In some cases, however, this has been at the expense of the organization properly determining a strategy around software provenance, security, support, and day-2 operations before incorporating the code. Ubuntu and Canonical have been at the forefront of putting open source software in the hands of innovators for more than 15 years, acting as a trusted conduit between distributed community developers and users to help bridge this gap. Docker containers/OCI images were a great addition to the ecosystem as they give developers a consistent way to ship software in a reliable, lightweight, and standardized way along with the entire software stack it depends on. In theory, operations teams can focus on deploying and life-cycle managing containers in their environment, without worrying about what’s inside. In doing that, however, they move responsibility like the security and provenance of that entire software stack to the application developer. Here, we see some of the same problems we have seen in the past. Do you know the software provenance and security story of the containers you have in production? Will the cutting-edge developer of today still be around in 10 years offering support and watching for security vulnerabilities in all of their app’s dependencies? Join Canonical to talk through these challenges and best practices in securing and supporting your open source supply chain on Azure, both in VM environments and when using containers.

Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (315)
Subscribers (137190)
Get the most in depth information about the Ubuntu technology and services from Canonical. Learn why Ubuntu is the preferred Linux platform and how Canonical can help you make the most out of your Ubuntu environment.