Finding issues that matter in open source dependencies and fixing them without developer friction

Date: Tuesday, December 12 at 11am PT / 2pm ET

Software dependency scanners are generally very noisy and surface issues that do not always need to be fixed. This slows down development, because fixing these issues usually involves breaking changes. This session explores reachability analysis as a way to prioritize the vulnerability fixes that actually matter in open source dependencies: only findings where the vulnerable code is reachable from the application's own code are treated as urgent. We'll demonstrate methods to promptly identify and address these issues within the developer workflow, ensuring swift resolution without impeding development progress.
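To make the idea concrete, here is a small, self-contained illustration of reachability-based prioritization. It is an added example and not code from Semgrep or from the session: it parses a constructed application module with Python's `ast` module, builds a call graph from its entry point, and marks each advisory as reachable only if one of its vulnerable symbols is actually called on some path from `main`. The package names (`yamlish`, `imgtool`), the function names, and the `EXAMPLE-000x` advisory IDs are all invented for the demonstration.

```python
import ast
from collections import deque
from dataclasses import dataclass

# Constructed sample application (not a real project). Three dependency
# symbols are imported; only one of them is called on a path from main().
APP_SOURCE = '''
import yamlish
from imgtool import resize, exif_strip

def handle_upload(data):
    return resize(data, 128)

def load_config(text):
    return yamlish.safe_load(text)

def unused_helper(text):
    return yamlish.full_load(text)   # defined, but never called from main()

def main():
    handle_upload(b"")
    load_config("a: 1")
'''


@dataclass(frozen=True)
class Advisory:
    """A vulnerability advisory with the symbols the vulnerable code lives in."""
    advisory_id: str
    package: str
    vulnerable_symbols: frozenset


# Constructed advisories for the hypothetical packages above.
ADVISORIES = [
    Advisory("EXAMPLE-0001", "yamlish", frozenset({"full_load"})),
    Advisory("EXAMPLE-0002", "imgtool", frozenset({"exif_strip"})),
    Advisory("EXAMPLE-0003", "imgtool", frozenset({"resize"})),
]

APP = "<app>"  # pseudo-package name for the application's own functions


def build_call_graph(source):
    """Map each application function to the (package, symbol) nodes it calls."""
    tree = ast.parse(source)
    module_aliases = {}  # local name -> package, from `import pkg [as name]`
    symbol_aliases = {}  # local name -> (package, symbol), from `from pkg import sym`
    for node in tree.body:
        if isinstance(node, ast.Import):
            for alias in node.names:
                module_aliases[alias.asname or alias.name] = alias.name
        elif isinstance(node, ast.ImportFrom):
            for alias in node.names:
                symbol_aliases[alias.asname or alias.name] = (node.module, alias.name)

    graph = {}
    for node in tree.body:
        if not isinstance(node, ast.FunctionDef):
            continue
        callees = set()
        for call in ast.walk(node):
            if not isinstance(call, ast.Call):
                continue
            func = call.func
            if isinstance(func, ast.Name):
                # Either a directly imported dependency symbol or a local function.
                callees.add(symbol_aliases.get(func.id, (APP, func.id)))
            elif (isinstance(func, ast.Attribute)
                  and isinstance(func.value, ast.Name)
                  and func.value.id in module_aliases):
                # pkg.symbol(...) via `import pkg`
                callees.add((module_aliases[func.value.id], func.attr))
        graph[(APP, node.name)] = callees
    return graph


def reachable_nodes(graph, entry_points):
    """Breadth-first walk from the entry points; returns every node reached."""
    seen = set()
    queue = deque((APP, name) for name in entry_points)
    while queue:
        node = queue.popleft()
        if node in seen:
            continue
        seen.add(node)
        queue.extend(graph.get(node, ()))
    return seen


def prioritize(advisories, graph, entry_points):
    """Label each advisory 'reachable' or 'unreachable' from the entry points."""
    reached = reachable_nodes(graph, entry_points)
    verdicts = {}
    for adv in advisories:
        hit = any((adv.package, sym) in reached for sym in adv.vulnerable_symbols)
        verdicts[adv.advisory_id] = "reachable" if hit else "unreachable"
    return verdicts


if __name__ == "__main__":
    call_graph = build_call_graph(APP_SOURCE)
    for advisory_id, verdict in prioritize(ADVISORIES, call_graph, ["main"]).items():
        print(f"{advisory_id}: {verdict}")
```

Run as written, only `EXAMPLE-0003` comes back reachable: `resize` is called from `handle_upload`, which `main` calls. `full_load` is only used by a function nothing calls, and `exif_strip` is imported but never invoked, so those two advisories drop to the bottom of the queue rather than forcing a breaking upgrade today. This toy looks only at direct calls within one module; a production analysis also follows calls inside the dependency, handles dynamic dispatch and re-exports, and treats "unreachable" as lower priority rather than as proof that the vulnerable code can never execute.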

Register now!

About the presenters:

Kyle Kelly, Security Researcher, Supply Chain Team at Semgrep

Kyle Kelly is a Security Researcher on the Supply Chain Team at Semgrep, a fast, open source static analysis tool for finding bugs, detecting vulnerabilities in third-party dependencies, and enforcing code standards. In addition, Kyle is the Founder of CramHacks, a Supply Chain Security Newsletter, where he tries to convince people coffee is a supply chain risk.

Duration: 1 hour
