Talk: Dependable Dependencies

No matter how well developers write secure code, the biggest breaches are increasingly caused by the rarely noticed libraries our applications depend upon. The OWASP Top 10 acknowledges this at number 9, "Using Components with Known Vulnerabilities". How do we best tackle this growing problem?

In this talk you'll learn how to easily adapt your application build pipeline to automatically inventory, detect and mitigate the security vulnerabilities of the components underpinning your applications.