Dependencies play an important role in the software development life cycle. The use of pre-built, often third-party components are used at various stages such as development, execution and testing. These software dependencies offer several benefits for software developers. They help devs deliver software quickly by providing pre-built functionality and extend the project's capabilities.

However, dependencies can also introduce compatibility issues, security vulnerabilities and dependence on external updates or maintenance. It is important that dependencies are properly assessed and managed, including version control and the security risks associated with them.

In this session, we will explore different types of dependencies, highlight the hidden costs of dependency management, provide concise guidelines for using open source libraries and discuss important security considerations to improve the software development process.

In this session you will learn about:

• Best practices for open source dependency management consumption
• Clear and concise definitions of dependency types
• The intrinsic risk associated with different package managers and repositories
• How to calculate the total risk and cost of insecure or inappropriate dependencies