AppSecUSA 2015 has ended
AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/
Back To Schedule
Thursday, September 24 • 1:00pm - 1:55pm
Strengthening the Weakest Link: How to Manage Security Vulnerabilities in Third Party Libraries Used by Your Application

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Organizations are increasingly incorporating open source software into their applications. Leveraging existing software to provide generic functionality results in reduced development costs as well as faster time to market.

However, along with these benefits, this freely available software also comes with an inherent problem – security vulnerabilities. While the advantages of using open source software are obvious, the negative impact on security brought on by their use is insidious.

While organizations spend enormous effort in securing their applications, most of this effort goes toward securing the part of the application that was developed in-house. A relatively small percentage of effort goes toward evaluating vulnerabilities in open source software, if they are considered at all. This makes open source libraries the weakest link in the security chain of an application.

We will present the current status of vulnerabilities in commonly used third party libraries and their impact on your application. We will then discuss an approach to holistically secure your application: a combination of securing in-house code and managing the security risk of third party libraries that are used.

avatar for Krishnan Dhandapani

Krishnan Dhandapani

Information Security Professional, Wells Fargo
Krishnan is currently an information security professional at Wells Fargo, involved in research and implementation of security solutions. He combines his solutions with his quest for automation. He graduated from The University of Kansas. What he learns from his profession, he loves... Read More →

Thursday September 24, 2015 1:00pm - 1:55pm PDT
Room B