Explore the findings of a comprehensive four-year industry study on application security practices, drivers, and trends within the open source development community in this conference talk from AppSecUSA 2014. Gain insights from a panel of senior application security experts as they discuss surprising survey results, including the lack of enforcement of open source policies, limited verification of component vulnerabilities, and inadequate tracking of open source vulnerability data. Learn about the impact of the Heartbleed bug announcement on organizations' preparedness for future vulnerabilities. Discover the implications of OWASP's inclusion of "(A9) Avoiding the use of open source components with known vulnerabilities" in its top 10 list and understand why 90% of typical applications are composed of open source components.
11,000 Voices - Experts Shed Light on 4-Year Open Source and AppSec Survey
Overview
Syllabus
11,000 Voices: Experts Shed Light on 4-Year Open Source & AppSec Survey - OWASP AppSecUSA 2014
Taught by
OWASP Foundation
Related Courses
-
Application Security Management Strategies - OWASP AppSecUSA 2014
-
OWASP A9: Using Components with Known Vulnerabilities - A Year Later
-
Vulnerabilities as Ingredients and OWASP Top 10 as Seasoning
-
Knowing What Risks Matter and Don't in Your Open Source
-
Introduction to the Newest Addition to the OWASP Top 10 - A9 Guidelines
-
Stop Chasing Vulnerabilities - Introducing Continuous Application Security
