The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester

Presented by

Sandy Carielli, Principal Analyst at Forrester Research, Gauthami Polasani, Senior Product Marketing

About this talk

With over 90% of your code now composed of open source components, every application security strategy must aggressively address the risk from open source vulnerabilities. Open source is a key driver of innovation, but it also greatly expands the attack surface available to malicious actors. Modern security teams face a dual challenge: addressing those risks while minimizing the burden that time-consuming processes place on engineering and product velocity. Software composition analysis (SCA) gives enterprises a way to monitor, analyze, and mitigate risk in their open source code, but there is a growing need for more consistent policy standards and much deeper integration into existing software development workflows to improve both engineering efficiency and code quality. Join FOSSA and guest Forrester as we discuss:

- The role of automation and SCA in open source security
- Managing vulnerabilities across security and engineering
- The evolution of SCA from scanning to policy
- How to evaluate and choose an SCA solution
More from this channel

Up to 90% of any piece of software comes from open source, creating countless dependencies and areas of risk to manage. FOSSA is an automated policy engine for vulnerability management, license compliance, and code quality across the open source stack. With FOSSA, engineering, security, and legal teams get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.