Securing Open Source Dependencies on Public Cloud
Aaron Whitehouse, Senior Director of Public Cloud Enablement at Canonical, explains why you need to be thinking about open source dependencies in your software pipelines.
He covers three main areas of software dependency management:
- The importance of understanding your software supply chain, and how security vulnerabilities can be introduced into your software through its dependencies even when your own source code is secure
- Why it can be difficult to bring security patches for open source dependencies into production environments while maintaining stability
- Potential solutions, including allocating sufficient resources to dependency management within your development team or relying on a trusted open source provider through a service like Canonical's Expanded Security Maintenance (ESM).
ESM is part of Canonical's Ubuntu Pro offering and gives developers access to approximately 30,000 packages that they can build on, confident in the knowledge that Canonical will patch high and critical vulnerabilities for up to 10 years while preserving API stability, regardless of the upstream project's support lifecycle.
#opensource #publiccloud #canonical