Seth Larson

@joshbressers @kurtseifried Listened to the latest episode, what you're describing about "actionable security by developers" is what my PyCon Taiwan keynote was about. One of the difficulties was providing things that developers (OSS and commercial) could do without approval or spending more time/funds.

@joshbressers @kurtseifried The advice included: learning and sharing stories, knowing your software inventory, knowing EOL/support lifespan for major software components, verifying software in motion, static analysis for insecure usage, better testing with warnings enabled, backwards incompatible changes for insecure defaults, better conversations w/ maintainers.

sethmlarson.dev/pycon-taiwan-2

PyCon Taiwan 2024 Keynote, by Seth Michael Larson