Session
Controlling your DevSecOps Journey through Open Source
For highly regulated companies, it can be a challenge contributing to open source communities. There are a number of regulations and other challenges with security and data loss prevention to overcome. Furthermore, there are few products or technology solutions that enable easier open source contributions in highly regulated environments. We also noticed that all companies rely on critical open source software that is associated with some security risks, in some cases with no way to upgrade to "clean" versions. To help with this security problem, as well as to facilitate open source contributions, Fannie Mae created the Clean Dependency Project. The primary goal is to clean up critical dependencies with intractable security issues from scanning software and then contribute them to open source communities. We will discuss how Fannie Mae engineers were able to construct a reliable process for cleaning up dependencies, satisfying Information Security requirements, and launching Fannie Mae's first open source community.
Raghavendra Vema
Software Engineering Principal @Fannie Mae, Developer Experience advocate and Proponent of Open Source Software
Glen Allen, Virginia, United States
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top