from Dot Net Rocks, on 5/12/2022, played: 74 time(s)
How do you know your open source is secure? Carl and Richard talk to Jillian Ratliff about security practices for your own code and for the open-source code you depend on. Jillian talks about some of the high-profile security problems that have happened recently in the open-source world, including Log4j. The conversation turns to practices for keeping your applications secure when you build on open source, including security testing as part of your CI/CD pipeline, periodic penetration testing, and more!