4 Steps to Risk Ranking Your Vulnerabilities

Presented by

Mike Pittenger, VP Security Strategy, Black Duck Software

About this talk

Vulnerabilities are an inevitable part of software development and management. Whether it’s open source or custom code, new vulnerabilities will be discovered as a code base ages. A 2017 Black Duck analysis of code audits conducted on 1,071 applications found that 97% contained open source and that 67% of the applications had open source vulnerabilities, half of which were categorized as severe. As the number of disclosures, patches, and updates grows, security professionals must decide which items are critical and must be addressed immediately and which items can be deferred.

Join Black Duck’s VP of Security Strategy, Mike Pittenger, for a 30-minute discussion of best practices in open source security and vulnerability management. You’ll learn:

- Methods for determining which applications are most attractive to attackers, and which pose the greatest risk
- Ways to assess the risk associated with a disclosed open source vulnerability
- Strategies to minimize the impact of open source security vulnerabilities when immediate fixes can’t be made

We go beyond traditional application testing to empower you to build security into your software at every stage of your development process. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.