Sponsored by CA Veracode

October 18, 2018


To keep pace with the increasing demands of software development and delivery, the need for developers to leverage open source components and third party libraries continues to grow. Coupled with the escalating number of vulnerabilities these practices introduce, the result is an increased number of vulnerable entry points for cyber-criminals to exploit. However, this does not mean that companies should or must stop using components in their development efforts. Any company that forbids the use of components would be putting itself at a severe disadvantage in the digital economy.  Developers though do need to consider the security aspects of using open source libraries and components as part of their build and testing process.

Join this webinar to hear practical steps on how to reduce the risk of using open source components without slowing down development. Specifically you will learn how to create a baseline inventory of your components, get your development teams trained and equipped to manage the inventory, and integrate security testing into the SDLC.



Mark Curphey Headshot

Mark Curphey, Vice President of Strategy at CA Veracode

Mark Curphey is the Vice President of Strategy at CA Veracode. Mark is the founder and CEO of SourceClear, which provides software composition analysis designed for DevSecOps. SourceClear was acquired by CA Technologies in 2018. In 2001, he founded the Open Web Application Security Project (OWASP), a non-profit organization known for its Top 10 list of Most Critical Web Application Security Risks.