Know What You Don’t Know: Gain Visibility Into Your Open Source Risk

October 31, 2018 from 11:00 AM – 12:00 PM EDT

Open Source Software (OSS) is pervasive in most modern development organizations. However, despite its numerous benefits, open source is often not built with security in mind and, thus, could be leaving your organization wide open to attack. How do Security and Development organizations work together to reap the benefits of OSS while also taking the necessary steps to mitigate the inherent risk?

Join IBM Security product specialists Scott Souder and David Marshak as they are joined by Forrester’s Amy DeMartine, who will discuss the recent Apache Struts 2 vulnerability and the steps your organization can take to integrate open source security testing into your development workflow.

You’ll come away with the following insights:

  • How to effectively inventory your OSS libraries to baseline your risk profile
  • How to bridge Security and Development organizations to gain developer buy-in and integrate security into your SDLC
  • What solutions are available to automate open source security testing across your organization

Register Now


Scott Souder

Program Director | Application Security

David Marshak

Senior Offering Manager, Application Security

Your browser doesn’t support HTML5 audio
Press play to continue listening
00:00 00:00