Along with factors such as performance, scalability and usability, security is one of the key characteristics by which those who deploy open source judge your project. Just like those other characteristics, it doesn't just happen on its own and needs to be prioritised.
In this talk, Dr. Nicko van Someren will present the Linux Foundation's Core Infrastructure Initiative (CII) and describe some of the efforts it is making to help open source projects improve their own security. He will discuss some of the measures and steps that projects can take to enhance their security processes, and discuss the CII's Best Practice Badges Program, a free open source secure development maturity model, designed with and for the open source community. Citing both good and bad examples, he’ll dive into what progress is or isn’t being made with security vis-à-vis the software development lifecycle.