With high-profile open source vulnerabilities in the news, it’s important to know how to choose secure libraries and manage your dependencies. In this talk, we will discuss why open source security is important, and you will learn practical steps you can take to ensure your software is as secure as possible.

- The impact open source can have on your applications
  - Examples: obviously everyone is talking about Log4j, but there will likely be more examples by April
  - Impact of vulnerabilities
- How to choose the best open source package
  - How many other people are using it?
  - How often is it updated?
  - Known vulnerabilities (and the severity thereof): where there’s smoke, there’s fire
  - Licensing
- Nested dependencies and the trouble they can cause
- Updates aren’t optional
- Tools for scanning your open source
  - Free tools
  - Paid tools

Check out more of our featured speakers and talks at https://www.ndcconferences.com and https://ndcporto.com