Open Source Software (OSS) is pervasive in most modern development organizations. However, despite its numerous benefits, open source is often not built with security in mind and, thus, could be leaving your organization wide open to attack. How do Security and Development organizations work together to reap the benefits of OSS while also taking the necessary steps to mitigate the inherent risk?
Join IBM Security product specialists Scott Souder and David Marshak, together with Forrester’s Amy DeMartine, who will discuss the recent Apache Struts 2 vulnerability and the steps your organization can take to integrate open source security testing into your development workflow.
You’ll come away with the following insights:
- How to effectively inventory your OSS libraries to baseline your risk profile
- How to bridge Security and Development organizations to gain developer buy-in and integrate security into your SDLC
- What solutions are available to automate open source security testing across your organization