- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Open Source Project Security Baseline | OpenSSF Project Spotlight
The Open Source Project Security Baseline (OSPS Baseline) is designed to act as a minimum definition of requirements for a project relative to its maturity level. It is maintained by the OpenSSF Security Baseline SIG according to the project governance documentation.
The OSPS Baseline controls help project maintainers understand security best practices and expectations. Assessing a project’s compliance against the controls helps maintainers and project consumers understand where the project excels at security and where it has room to improve. Project consumers can then use the assessment results to understand how their usage of the project impacts their own security and compliance goals. Therefore, OSPS Baseline work is:
• Focused: Controls only contain MUST entries, not SHOULD.
• Realistic: Controls are practical for project maintainers to implement at the appropriate level for their project.
• Actionable: Controls provide specific recommendations.
• Meaningful: Controls have an impact on a project’s security posture. Ineffective controls add to maintainer burden.
Learn more at baseline.openssf.org
This video features insights from OSPS Baseline maintainer:
• Ben Cotton, Open Source Community Lead at Kusari
Видео Open Source Project Security Baseline | OpenSSF Project Spotlight канала OpenSSF
The OSPS Baseline controls help project maintainers understand security best practices and expectations. Assessing a project’s compliance against the controls helps maintainers and project consumers understand where the project excels at security and where it has room to improve. Project consumers can then use the assessment results to understand how their usage of the project impacts their own security and compliance goals. Therefore, OSPS Baseline work is:
• Focused: Controls only contain MUST entries, not SHOULD.
• Realistic: Controls are practical for project maintainers to implement at the appropriate level for their project.
• Actionable: Controls provide specific recommendations.
• Meaningful: Controls have an impact on a project’s security posture. Ineffective controls add to maintainer burden.
Learn more at baseline.openssf.org
This video features insights from OSPS Baseline maintainer:
• Ben Cotton, Open Source Community Lead at Kusari
Видео Open Source Project Security Baseline | OpenSSF Project Spotlight канала OpenSSF
Комментарии отсутствуют
Информация о видео
25 февраля 2026 г. 20:22:10
00:02:52
Другие видео канала
Open Source LLM Security
Exploring the Large Language Models Open-Source Security Landscape - Yotam Perkal, Rezillion
Head First Reporting of Linux Kernel CVEs: Practical Use of the Kernel Fuzzer- Yunseong Kim, Open Up
OpenSSF Webinar: Introduction to Project Alpha-Omega
TTX Session - Moderated by Dana Wang, OpenSSF; Panelist & Contributor Details in Description
Mastering Requirements How Clear Procedures Can Change Everything
OpenSSF TAC (November 1, 2022)
Supply Chain Integrity WG (March 16, 2022)
OpenSSF TAC Meeting (February 22, 2022)
Tools & Techniques: BOLT
Beyond Linux Kernel Testing: Approaches and Challenges - Shung-Hsi Yu, SUSE & Yunseong Kim, Debian
Highlighting the Uniqueness and Prevalence of OSS AI/ML Vulnerabilities - Jessy Ayala
Zarf Explained: DevSecOps for Air-Gapped & Offline Environments | OpenSSF Project Spotlight
Managing Vulnerabilities in Open-Source Dependencies - Eva Sarafianou, Mattermost
Unlocking the Secrets of Open Source Definition
Security In An Open World
Thinking About Source Code Security in New Ways - Yongjae Chung & Justin Cappos, New York University
Secrets in Public Git Repos: Why It Keeps Happening and How To Fix It - Arpit Jain
In Honk We Trust: Better Build Pipelines - Ram Iyengar, Cloud Foundry Foundation
Education SIG DEI Subcommittee (March 28, 2023)
OSS Security Meetup Japan on December 12 2024 by OpenSSF Japan Chapter
