Explore the potential risks and vulnerabilities associated with open source dependencies in this 36-minute conference talk from AppSec EU 2017. Delve into the aftermath of the left-pad incident, where the removal of a small open source package caused widespread disruptions for major tech companies. Examine the complexities of modern software dependencies and their potential to become unexpected attack vectors. Learn to identify which common open source packages may be at risk of disappearing, understand the impact of maliciously modified packages on your applications, and gain insights into the intricate web of dependencies in today's software ecosystem. Equip yourself with knowledge to better assess and mitigate risks associated with open source dependencies in your projects.
Open Source Dependencies: Risks and Impacts - AppSec EU 2017
Overview
Syllabus
AppSec EU 2017 Could A Few Lines Of Code F!#ck It All Up! by Erez Yalon
Taught by
OWASP Foundation
Related Courses
-
Could a Few Lines of Code Mess It All Up
-
Fresh SLSA and GUAC - Understanding Open Source Package Risks and Transparency
-
EU's Efforts to Secure Open Source Software
-
Supply Chain Security with Dependency Track
-
Dependencies: Do's and Don'ts - Managing Application Dependencies Securely
-
The Supply Chain Conundrum: Why Traditional Application Security Is Failing Us
