Workshop: Visibility Into Open Source Code
Trend Micro Cloud One™ – Open Source Security by Snyk
In this workshop, you’ll learn how to leverage Trend Micro Cloud One – Open Source Security by Snyk with your code repositories and CI/CD pipelines to scan projects. This empowers security teams with better visibility, tracking, and early awareness into open source issues for more relevant insights and risk management.
Workshop structure Agenda
The workshop is divided into the sections listed below. Plan for around 2 hours to complete the full workshop.
1. Introduction (10 minutes)
2. Identify integration points, and connect to a GitHub sample repo to test for open source risks (30 minutes)
3. Understand how to evaluate and monitor key findings and use the in-solution knowledge base (30 minutes)
4. Gain an understanding of direct and indirect dependency mapping (30 minutes)
5. Report and manage key findings for open source issues (15 minutes)
8. Conclusion (5 minutes)
9. Cleanup (5 minutes)
10. Survey (5 minutes)
Learning Objectives
- Open source = good, vulnerabilities = bad. Learn about application open source risks
- Understand the importance of visibility into open source dependencies
- Learn how to easily test your own repositories for open source issues
- Generate a Bill of Materials and monitor projects over time
- Surface open source license risks that may pose legal or compliance issues
Who should attend?
- Cloud Security Engineer
- DevSecOps Engineer
- SecOps Engineers
- Information Security
- Risk Application Manager
- Application Security
- Anyone interested in open source security and license management visibility across multiple application projects
Background knowledge for the workshop
- Basic knowledge on GitHub
- Basic security knowledge
Additional help
For any additional help please reach out to:
- Fernando Cardoso | Email: fernando_cardoso@trendmicro.com
- Felipe Costa | Email: felipe_costa@trendmicro.com
Talk to us
Report an issue or feature request
Built with by Trend Micro
Before we dive in, let’s go through a refresher on the core concepts explored in this workshop.
Read More HERE
