DevSecOps & Open Source Security Post-Equifax Breach

The major security breach at Equifax in 2017 should have been a wakeup call for many – but how much have dev and security practices changed since to ensure it doesn’t happen again? How vulnerable are the open source components you are using? How quickly can you identify and deploy security fixes?

This was the topic of our discussion with Derek Weeks, the Vice President at Sonatype, to talk about why security should be included in DevOps, the difficultly of compliance for open source usage and what may be in store for organizations that don’t take security seriously.

“If you don’t think you’re consuming a lot of open source, you really have to look at the reality of how software is built today… There are only six million JavaScript developers on the planet and they’re downloading 6 billion components a week.” Weeks offers small changes that developers– pressed for time – can make to make software products safer.

Greg Bledsoe hosts at the DevOps Enterprise Summit in Las Vegas.

Reach out to our guest:
– Twitter @weekstweets
– Linkedin www.linkedin.com/in/derekeweeks/
– All Day DevOps: www.alldaydevops.com/