Making Invisible Things Visible - Tracking Down Known Vulnerabilities

LASCON via YouTube

Overview

Explore the findings of a comprehensive study on software development practices in this 45-minute LASCON conference talk. Delve into the patterns and practices of 3000 high-performance software development organizations, focusing on the use of open source and third-party components. Learn about the security implications of using these components, with 1 in 17 containing known vulnerabilities. Discover insights from the 2016 State of the Software Supply Chain Report, including an analysis of 25,000 applications and their component quality. Gain valuable knowledge on how leading organizations like Mayo Clinic, Exxon, Capital One, the U.S. FDA, and Intuit implement software supply chain automation to enhance application security. Understand the importance of component age in security considerations and learn strategies to balance development speed with quality and security early in the lifecycle. Compare your organization's application security practices with industry benchmarks and acquire actionable insights to discuss with your development and security teams.

Syllabus

Introduction
Components are not created equal
Open Source Components in the Top 10
Why are the numbers important
This year's report
Software Supply Chains
Lessons from Deming
Supply of Components
Download Requests
Open Source
Known Vulnerability
Downloads
Open Source Components
Bruce Mayhew
Using New Components
Forrester Report
Cost of Remediation
Automation
Continuous Integration
Dependency Check
Software Supply Chain Report

Taught by

LASCON
