2019 BASC Presentations

From OWASP
Revision as of 13:12, 13 September 2019 by Laberdale (talk | contribs) (Create initial 2019 Presentations page)



Platinum Sponsors

NCC Group Ordr WhiteHat


Gold Sponsors

Auric Checkmarx HackerOne Netsparker Sonatype Tala


Silver Sponsor

Qualys

Individual Sponsor: Justin Olin


Please help us keep BASC free by viewing and visiting all of our sponsors.



We would like to thank our speakers for donating their time and effort to help make this conference successful.


An Intelligent Approach to Upgrading OSS Libraries

Presented by: Madison Cool

Maintaining secure versions of third-party libraries is a repetitive and tedious task at best. At worst, with many interdependent internal projects (think microservices) and dozens of layers of transitive dependencies, it is a logistical nightmare. A top-down, ad hoc approach is often used to resolve vulnerable third-party libraries, prioritizing high-severity vulnerabilities or internal projects critical to business functions, but failing to address the larger impact of vulnerabilities. TraceLink is taking a different approach, utilizing the graph structure of interconnected projects to perform security upgrades in an informed order from the bottom up. This process aims to automate third-party library version maintenance as much as possible, aiding in the completion of vital security upgrades and compounding the effects of each individual upgrade to reduce overall work done.



You can find out more about this conference at the 2019 BASC Homepage
or by emailing boston-leaders@owasp.org