Illustrating the Systemic Risk Caused by Open Source Library Use

Logo
Presented by

Tim Jarrett, Senior Director of Enterprise Security Strategy, CA Veracode

About this talk

How far-reaching is a vulnerability in one open source component? We recently took a closer look at one vulnerable component to find out. We followed the path of one component library -- Apache Commons Collection (or ACC) that contained a serious vulnerability. We traced all the other libraries ACC touched and, in turn, made vulnerable. In the end, we found its vulnerability had spread to an astounding 80,323 additional components. Watch this REPLAY session to follow the path of this vulnerability and get a clear picture of exactly how and why open source libraries can pose such significant risk, and how to use and manage them in a secure way. *This webinar session was previously recorded.*
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (395)
Subscribers (31079)
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com