Session: Open Source Software: Please Build Responsibly

Open-source software (OSS) has transformed the way we build software, for the better. It’s designed for reusability, transparency and ease, and it lets you incorporate components into your own applications as dependencies. Most of the companies and applications we rely on today are only made possible because of OSS.

But the power of OSS did not come without also introducing significant risk. Open-source projects have vulnerabilities. In fact, last year 51% of JavaScript packages downloaded had a known vulnerability and 12.1% of Java packages had a known vulnerability. Projects can also be maliciously attacked by bad actors, compromising any applications that depend on them. Dependencies hosted in public repositories can disappear, breaking your builds. Complexity can obscure the true surface area of your application, making it difficult to spot security holes in your apps. The list goes on.

The good news: all of these risks can be prevented with responsible building practices. In this session, learn:

  • How to pick a trusted source for OSS components, and why it’s so important
  • How to get started with free tools to begin checking for issues in components
  • How responsible building can actually improve the speed and reliability of your build pipeline
  • How automating your OSS security can help cut 25 days of manual work down to 5 minutes


IMPORTANT NOTE TO ATTENDEES: Feel free to bring your own laptop and follow along. The session includes a hands-on component. *You will need a GitHub account.*

Session Speakers:

Maury Cupitt

Maury Cupitt has spent the last 20+ years in enterprise software working with early stage startups and large enterprises to help position the value of their technology and make customers successful