The future of cybersecurity, today: Free and open source tools for CRA compliance for SMEs - OCX 24

Channel:
Eclipse Foundation
Subscribers:
24,000
Published on ● Video Link: https://www.youtube.com/watch?v=Eb-P6GgphXs


Duration: 0:00
53 views
2

Better software supply chain integrity and security for organizations of all sizes is increasingly important for cybersecurity, especially with the ever-expanding edge computing environment and upcoming regulatory requirements. Small and medium enterprises (SMEs) must improve their security posture, but they do not have the budget to install and operate complex, expensive software systems for vulnerability management, report and ultimately regulatory compliance. SMEs also do not have the bandwidth or access to a dedicated security team, CISO, or CERT to assist their software supply chain management efforts. Instead, SMEs (and open source projects) need the help of accessible, free, and open source software solutions (FOSS) to inventory the components used in their products, create and share SBOMs, continuously monitor and triage potential vulnerabilities, and communicate with their stakeholders about vulnerability exploitability (VEX) and remediation actions. SMEs need all this, with minimal friction and costs, to improve their security posture and ensure CRA compliance.  In this talk, Mikaël Barbero from the Eclipse Foundation and Philippe Ombredanne from AboutCode will share how free and open source software (including projects funded by the EU) can reduce the possibility of serious cybersecurity incidents and emergencies from distributed software and devices. With free and open source tools, any organization - and especially SMEs - can more efficiently comply with the emerging CRA regulatory requirements, improve their software supply chain integrity, and strengthen their software supply chain security.



Other Videos By Eclipse Foundation


2024-12-05Data Management and Exchange between a Meta-Orchestration Platform and Data Spaces
2024-12-02Eclipse IDE November 2024 Community Call: Engage and Shape the Future of SWT
2024-12-02Industrial Toolchains in the Era of Generative AI - OCX 2024
2024-12-02Mastering Target Platform Migrations: Challenges, Resources, and Best Practices - OCX 2024
2024-12-02Eclipse Theia - News from the Next Gen Tools Platform - OCX 2024
2024-12-02Enhancing Custom IDEs with AI: Strategies, Use Cases, and Pitfalls - OCX 2024
2024-12-02Integrating AI with Domain-Specific Tools: Practical Insights and Techniques - OCX 2024
2024-12-02The State of the Eclipse Foundation - OCX 2024
2024-12-02Eclipse ThreadX: A Star is (Re)born - OCX 2024
2024-12-02Hello World+ projects to test and benchmark software composition analysis tools - OCX 2024
2024-12-01The future of cybersecurity, today: Free and open source tools for CRA compliance for SMEs - OCX 24
2024-11-27Revealing… OCX 2026: Where Are We Heading Next?
2024-11-27Relive the Magic: OCX 2024 Aftermovie
2024-11-24Eclipse Dataspace Community Call 2024
2024-11-24What is the Eclipse Dataspace WG up to with ISO/IEC?
2024-11-17Secure development in Open Source - the road to SLSA level 3 compliance for Eclipse Temurin - OCX 24
2024-11-17Reducing risk in software supply chains:A project health perspective with a Kubernetes example-OCX24
2024-11-17Empowering a Connected Intelligent World With OpenHarmony and Oniro - OCX 2024
2024-11-17Magic industrial data acquisition with Apache PLC4X, TsFile and IoTDB - OCX 2024
2024-11-17Nurturing the Next Generation of Open Source Contributors - OCX 2024
2024-11-17Evolving real-world AsciiDoc into a specification and how it will help the ecosystem - OCX 2024