ActiveState Workshop: Building Secure & Reproducible Open Source Runtimes
Developers love working with open source, but typically spend too much time in “dependency hell” wrangling packages to work together within their projects. This pain boils over onto DevOps and DevSecOps teams who must ensure security and reproducibility of environments across the SDLC without sacrificing speed.
In this follow-along workshop, we use the ActiveState Platform to set up an example of Python machine learning (ML) runtime with security baked in and consistently applied across operating systems to show how your dev team can get up and running in minutes – pain-free.
Learn how to:
- Automatically build a Python runtime with all required packages built securely from source – right down to C libraries
- Run the Python code immediately for a ML use case using TensorFlow and Flask to identify dogs and/or cats (cute!)
- Deploy that runtime across your team via a command line
- Ensure and validate security end-to-end with CVE remediation, SBOMs and attestations at your fingertips
Workshop Prerequisites:
- Ensure you have Docker installed on your machine and running.
- Pull the docker image to your machine with docker pull ecole5/tensorflow-ml-demo:latest
- Create a free ActiveState account
Key Takeaways:
- Enable Python and other open source language developers (without tedious, painful dependency management) using an ML example
- Secure your software supply chain by automatically building dependencies from source, right down to C libraries
- Ensure security and integrity of open source components throughout your SDLC
Watch the Webinar
Webinar Presenters:
Nicole Schwartz – Security Product Manager, ActiveState
Nicole Schwartz speaks about Information Security, DevSecOps, Agile, and DEI. She is currently a Product Manager at ActiveState, Chief Operating Officer for The Diana Initiative, an organizer for the SkyTalks village at DEF CON. She holds a Master of Science in Information Technology from Clarkson University and can be found at @CircuitSwan.
Evan Cole – Sr. Solutions Engineer, ActiveState
At ActiveState, Evan works with enterprises to secure their open-source software supply chains while empowering dev teams to move faster. He is a certified AWS Cloud Architect with a research background in AI and big data engineering.
Mitch Ashley – CTO – Techstrong Group, Principal – Techstrong Research
Mitchell Ashley is a renowned strategist and technology executive. Mitchell has led successful IT, SaaS, and cybersecurity transformations. He’s led multiple teams in developing and bringing to market successful online services, cybersecurity, and networking products and services. Mitch serves as Principal of Techstrong Research where he leads a team of preeminent experts in digital transformation, DevOps, cloud-native, and cybersecurity. In this role, Mitch works with companies to align digital transformation and technology strategies to achieve disruptive goals and high impact results. Mitch is in high demand as a speaker at conferences the world over, and his popular DevOps Chats podcast engaging with digital leaders is one of the most widely followed in the field.
