The Front Lines: How One Company Systematically Mitigates Their Open Source Risk

Logo
Presented by

Mark Curphey, VP of Strategy, CA Veracode

About this talk

It’s one thing to simply talk about the pervasiveness of open source risk. What do you do when your leadership team wants you to actually take action? Where do you start? How do you even begin to inventory the seemingly insurmountable amount of open source libraries deployed across your entire application infrastructure? It takes a systematic approach to identifying vulnerable open source libraries – a system that requires multiple stakeholders across various functional groups including security, development, and sometimes your legal and vendor management teams. Join Mark Curphy, VP of Strategy at CA Veracode, as he interviews a customer to discuss how they were successful in implementing a scalable security program to effectively tackle the problem of open source risk. You’ll get real insights from an industry practitioner about how to recognize harmful third party libraries, establish an open source software security policy, and communicate security requirements to the team at large.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (396)
Subscribers (31055)
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com