Language:
English
Pages:
1 online resource (1 volume)
,
illustrations
Keywords:
Computer security
;
Information resources ; Security measures
;
Electronic books
;
Electronic books ; local
Abstract:
Open source software is amazing, but it's also a complicated beast when it comes to ownership, trust, and security. Many organizations operate mission critical systems with the help of open source libraries, unaware that some of these libraries include vulnerabilities that hackers can easily exploit. This type of vulnerability led to the 2017 Equifax breach. In this practical report, author Guy Podjarny provides a framework to help you continuously find and fix known vulnerabilities in the open source libraries you use. Every software library has potential pitfalls, and vulnerable dependencies are prime targets. Aimed at architects and practitioners in development and application security, this report walks you through practices and tools to protect your applications at scale. Understand what known vulnerabilities are and why they matter Learn how to find and fix vulnerabilities in open source libraries Integrate testing to prevent adding new vulnerable libraries to your code Respond to newly disclosed vulnerabilities in libraries you already use Learn which aspects matter most when choosing a Software Composition Analysis (SCA) testing tool
Note:
Description based on online resource; title from title page (Safari, viewed December 11, 2017)
URL:
https://learning.oreilly.com/library/view/-/9781491996980/?ar
Permalink