File:Software Composition Analysis OWASP Stammtisch - Stanislav Sivak.pdf
Open Source Software Flood: Learning to swim (Stanislav Sivak)
If you want to be "in" nowadays, you count on open source software (OSS) to stay flexible and avoid reinventing the wheel. Many applications contain more open source code than proprietary code. Using components with known vulnerabilities is one of the most common OWASP risks.
In this presentation, we will look at the security, operational and legal challenges associated with the use of third-party components, which are mostly open source. Next, we discuss how these risks can be addressed using various make-it-yourself or buy-it approaches so that you can stay on top of the OSS flood.
Bio: Stanislav Sivak has held several positions in IT security over the last 10 years: starting as a developer, continuing as a Linux/database security administrator, but spending most of his time as a consultant, working for the Big 4 and a small German-based company. He currently focuses on everything around the secure software development lifecycle.
File history
| | Date/Time | Dimensions | User | Comment |
|---|---|---|---|---|
| current | 11:35, 6 January 2020 | (2.41 MB) | T.Gigler | Open Source Software Flood: Learning to swim (Stanislav Sivak). If you want to be in nowadays, you count on open source software (OSS) to stay flexible and avoid reinventing the wheel. Many applications contain more open source code than propr... |