In this presentation, I explore the dangers and risks that are tied to the usage of third party software components in modern software infrastructure. We explore the vulnerable vectors that are being forced on our applications simply because we do not own the source code or the SLA to fix it, which means that it may require a compensating control of some sort.
Organizations choose to outsource code knowingly or unknowingly
Using 3rd party code means faster development lifecycle, sometimes more mature
NOT more secure