Application Security/Software Assurance
Security Congress Abstract
Many industries have extensively adopted open source software (OSS) for leveraging inherent benefits in reducing the development cost and shortening the production cycle. Unfortunately, such prevailing practices also introduce another attractive attack surface to potential attackers since a single vulnerability of popular OSS may effortlessly affect diverse services and products. In this talk, we discuss best practices to deal with such critical security issues in building solutions and services with OSS.