Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn to protect open source codebases from emerging security threats including AI-generated vulnerabilities and supply chain attacks in this 24-minute conference talk. Discover how to implement practical security scanning using open source tools like Trivy, Grype, Gitleaks, and Trufflehog to identify dependency vulnerabilities and detect exposed secrets in your code repositories. Master the creation and maintenance of Software Bill of Materials (SBOM) to safeguard organizational assets and establish comprehensive visibility into your software components. Examine real-world security incidents through detailed case studies, including Trufflehog's discovery of over 12,000 live API keys in AI training datasets, the Rabbit R1 credential exposure incident, and major supply chain breaches affecting organizations in the US and Japan. Witness live demonstrations showing how AI models trained on insecure code can perpetuate and amplify security vulnerabilities across development environments. Gain actionable techniques for implementing robust codebase scanning procedures, securing development pipelines, and establishing defenses against next-generation supply chain threats that target the intersection of artificial intelligence and open source software development.
