A pragmatic approach to security and third party dependencies

Online, CEST Time Zone May 26, 2021, 11:20 AM - 12:10 PM

Johan Lindfors

CINO at Truesec

Sebastian Olsson

Technical lead of Application Security at Truesec

As developers we must be aware of potential security vulnerabilities when writing code, but what about all those third-party components we use?

Regardless of if you use NuGet, NPM, Maven or some other package manager or build system there are tons of modules just waiting to be downloaded. How do you handle potential security risks from these third-party components, while staying productive and able to focus on delivering high quality software?

Tooling and automation can be very helpful, but we must know which problems we are trying to solve to be able to automate solutions. Let’s take a pragmatic look at the threats involved and what we can do to stay reasonably secure.

Security

Get inspiration & news from us

I agree that Cornerstone will send me news via e-mail