The Front Lines: How One Company Systematically Mitigates Their Open Source Risk

Presented by

Mark Curphey, VP of Strategy, Veracode

About this talk

It’s one thing to simply talk about the pervasiveness of open source risk. What do you do when your leadership team wants you to actually take action? Where do you start? How do you even begin to inventory the seemingly insurmountable number of open source libraries deployed across your entire application infrastructure? It takes a systematic approach to identifying vulnerable open source libraries – a system that requires multiple stakeholders across various functional groups including security, development, and sometimes your legal and vendor management teams. Join Mark Curphey, VP of Strategy at Veracode, as he interviews a customer to discuss how they were successful in implementing a scalable security program to effectively tackle the problem of open source risk. You’ll get real insights from an industry practitioner about how to recognise harmful third-party libraries, establish an open source software security policy, and communicate security requirements to the team at large.

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.