SecAppDev 2023 lecture details

Third-party library security management

Managing third-party library dependence is one of the most difficult challenges in software development and requires significant process and technical discipline. This session offers actionable advice on getting this challenge under control.

Wednesday June 14th, 14:00 - 15:30
Room West Wing
Abstract

Managing third-party library dependence is one of the most difficult challenges in software development. The OWASP Top Ten 2021 states you are vulnerable if (1) you do not scan for vulnerabilities regularly, (2) you do not fix or upgrade dependencies in a risk-based, timely fashion, and (3) software developers do not test the compatibility of updated, upgraded, or patched libraries.

In this session, we present a series of engineering suggestions to conquer these challenges. You will walk away with an actionable set of guidelines to help you manage the security of your third-party libraries.

Key takeaway

To handle third-party dependencies securely, you need to reduce the number of libraries you use, vet the ones you use, and keep them up to date.

Content level

Deep-dive

Target audience

All software developers

Prerequisites

Experience with building and maintaining software

Join us for SecAppDev. You will not regret it!

Jim Manico

CEO, Manicode Security

Expertise: Secure coding, security engineering


SecAppDev offers the most in-depth content you will find in a conference setting