Software today is rarely made entirely of first-party code; more often it is “assembled” from other sources. The reusable code and functionality that developers have come to rely on also comes with reusable vulnerabilities, and the open-source foundation most apps are now built upon is not like a solid, cement house foundation, but more like a shifting pile of gravel and sand. These libraries are in a constant state of flux, including their security status. Join this talk to get the data and analysis of our latest State of Software Security report. We analysed over 301,000 open-source libraries.
Join this session to learn:
- The most popular vulnerable libraries
- How developers choose libraries for their applications
- How often open-source libraries are updated, and why that matters
- What is holding developers back from addressing security vulnerabilities in open-source code
- The scope of the fixes required to address vulnerabilities in open-source code
- Best practices for managing open-source libraries