Software Development with Open Source: Securing Applications and IP

Presented by

Tim Mackey, Sr. Technology Evangelist at Black Duck by Synopsys

About this talk

Open source software is embraced by developers, enterprises, and governments at every level, and with it come many strong opinions and few facts. How much open source is really being used in the applications you buy? Does the "many eyes" theory make open source more secure? Does traditional security testing address vulnerabilities in open source? With organizations becoming more agile but facing increasing regulatory governance, understanding how open source software development works, and how to secure open source, is increasingly important.

In this session we’ll cover:

- Code contribution and IP management
- Fork management
- Release process
- Security response processes
- Realities of IP risk and open source
- Pass-through security risk and responsibility
- Keeping up with scope of impact changes within a single disclosure
- Automating awareness of security risk from development through integration and delivery to deployment

We go beyond traditional application testing to empower you to build security into your software at every stage of your development process. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.