SecAppDev 2025 - Supply chain security
SecAppDev 2025 offers three days of in-depth lectures and two days of hands-on workshops. Use the buttons below to navigate between the topics.
AI / ML security
Threat modeling
OWASP top 10
Authorization
Architecture
Secure Coding
Supply chain security
API security
Web security
Governance
Application Security
Reviewing 3rd party libraries security using Scorecards
Introductory lecture by Niels Tanis
We rely on 3rd party libraries which results in security risks. OpenSSF’s Scorecard helps assess package security. This session explores its checks and additional insights to strengthen supply-chain security.
Key takeaway: Understanding how to leverage the OpenSSF Scorecard to review used 3rd party libraries more easily.