Innocent Vulnerabilities vs Malicious Backdoors: How to Manage Your Risk

Logo
Presented by

Rhys Arkins, Director of Product Management

About this talk

Have you considered what truly separates accidental vulnerabilities in open source from intentionally malicious releases? Although often grouped together as "vulnerabilities", malicious open source components are very different, right from their very creation through to the way you mitigate and remediate them as an end user. The past 12 months saw a record-breaking time for detection of malicious components in the world's most popular package registries. Join Rhys Arkins, Director of Product, as he will discuss: 1. The key differences between accidental vulnerabilities and malicious releases 2. How to manage the risk for each type of vulnerability 3. Lessons learned from the most interesting malicious packages spotted during 2019

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (177)
Subscribers (15113)
Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, link here, the open-source automated dependency update project. For more information, visit www.mend.io, the Mend blog, and Mend on LinkedIn and Twitter.