Explore the impact of OWASP A9 guideline on component vulnerability management in this 45-minute conference talk from AppSecUSA 2014. Gain insights from real-world case studies of organizations implementing best practices to manage component usage across the software lifecycle. Examine industry trends based on thousands of application analyses, and learn about successes and ongoing challenges in addressing this critical security risk. Discover practical strategies for improving your organization's approach to identifying and mitigating vulnerabilities in third-party components.
OWASP A9: Using Components with Known Vulnerabilities - A Year Later
Overview
Syllabus
Introduction
Web frameworks
Awareness
Central
Open Source
Heartbleed
Vulnerability Awareness
Do they really care
The proof is in the pudding
Websphere
Maven Central
Supply Chain Mechanics
Application Development
Policy
Component Crack Cocaine
Application Training
Licensing
Virus
XML
Undesirable
I am
Bacon
Beer and Soda
Taught by
OWASP Foundation
