Open Source Security - It can be done easily.

It's 2018. Are you still shipping vulnerable code? Find out how to get started easily with open source security and compliance.

Published in: Software

  1. GET STARTED WITH OPEN SOURCE SECURITY
  2. OPEN SOURCE SOFTWARE IS EVERYWHERE: BITCOIN, IOT, HEALTHCARE, LINUX, ANDROID, AUTOMOTIVE, BLOCKCHAIN, FINTECH, DEVICES, OPENSSL, APACHE STRUTS, SECURITY CAMERAS, PRODUCTS YOU SHIP, PRODUCTS YOU BUY, YOUR WEBSITE, MICROWAVE
  3. YOU USE OSS MORE THAN EVER. MORE THAN 95% of IT organizations leverage open-source software assets (Source: Gartner). MORE THAN 50% of all code written today is Open Source (Source: Flexera OSS Fact or Fiction report 2017). MORE THAN 25MM repositories of Open Source code exist today (Source: Github).
  4. YOU ALSO RUN A GROWING RISK OF THREATS: HEARTBLEED CVE-2014-0160, SHELLSHOCK CVE-2014-0160, GHOST CVE-2015-0235, STRUTS 2 CVE-2017-5638
  5. THAT CAN THREATEN YOUR BRAND, YOUR SECURITY, YOUR IP, YOUR REPUTATION
  6. YOU NEED TO TAKE ACTION, BUT IT'S NOT EASY. So much code, so little time.
  7. WE GET THE DILEMMA. Try these steps to find your best process manage your risk. You need a Simple On-ramp. You need choices: Automated scans, hands-on, or somewhere in between.
  8. EASILY MANAGE OSS SECURITY. Step 1: Get a team in place. Step 2: Hook up your security solution. Step 3: Focus on high priority issues first. Step 4: Pay attention to alerts.
  9. STEP 1 - GET A TEAM IN PLACE. Ad hoc or formal. Legal, security, engineering. FACT: Less than 50% of companies have a team in place to set Open Source policy (Source: Flexera OSS Fact or Fiction report 2017).
  10. STEP 2 - HOOK UP YOUR SECURITY SOLUTION. Integrate security scans into your build process. Get Automated high level analysis of all your Code.
  11. STEP 3 - ELIMINATE HIGH PRIORITY ISSUES. Focus on the highest priority first. [Dashboard figure with panels: LICENSE EXPOSURE, INVENTORY PRIORITY, VULNERABILITY EXPOSURE]
  12. STEP 4 - PAY ATTENTION TO ALERTS. Continuous monitoring is key. Watch out for alerts if a new vulnerability is discovered in current or shipped products.
  13. WHAT ABOUT HIGH RISK PROJECTS? Good question! Dial up the depth of analysis to include CONTAINERS, BUILD DEPENDENCIES, SOURCE CODE, “COPY + PASTE” SOURCE CODE, MULTIMEDIA FILES, BINARIES
  14. MANAGE THAT SOFTWARE SUPPLY CHAIN! YOUR CODE, SUPPLIER CODE, OPEN SOURCE PROJECTS, PARTNER CODE
  15. AND TAKE CONTROL OF OPEN SOURCE SOFTWARE. GET CLEAN, STAY CLEAN WITH FLEXERA: ALERT To New OSS Vulnerabilities, MANAGE OSS Vulnerabilities, COMPLY With OSS Licenses, SELECT Secure OSS Components, TRACK OSS Usage
  16. EXPLORE SOME RESOURCES. Follow our BLOG. Read our RESEARCH REPORTS. Explore OSS TRENDS & PREDICTIONS FOR 2018.
  17. WE’RE REIMAGINING THE WAY SOFTWARE IS BOUGHT, SOLD, MANAGED, SECURED
  18. THANK YOU! © 2018 Flexera All Rights Reserved www.flexera.com