Scaling Security from Zero - How a Small OSS Ecosystem Jumped Into the Deep End
Eclipse Foundation via YouTube
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Earn a Michigan Engineering AI Certificate — Stay Ahead of the AI Revolution
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Learn how a small open source community transformed from having zero security expertise to building comprehensive regulatory compliance and security capabilities in this 14-minute conference talk. Discover the personal journey of starting with overwhelming regulatory documentation and evolving into structured action through the Ægis initiative within the Erlang Ecosystem Foundation. Explore practical strategies for aligning small communities through incremental decision-making, patient engagement, and focused resource allocation when working with limited capacity. Examine key milestones including securing external sponsorship, achieving OpenChain conformance, formalizing vulnerability handling as a Certificate Numbering Authority (CNA), and developing Source SBOM tooling integrated with the OSS Review Toolkit. Understand how the EU Cyber Resilience Act served as a catalyst for broader ecosystem transformation spanning SBOM generation, vulnerability lifecycle management, and dedicated security engineering capacity building. Gain insights into navigating compliance requirements with minimal staffing while demonstrating that meaningful progress toward long-term ecosystem resilience is achievable even when starting from zero expertise.
Syllabus
Scaling Security from Zero: How a Small OSS Ecosystem Jumped Into the Deep End | Jonatan Männchen
Taught by
Eclipse Foundation