This session assumes no prior knowledge, though some basic technical background would help.
The level of cyber-attacks across the world has reached pandemic status. Governments are creating legislation in an attempt to limit the damage by placing responsibility on software suppliers for the security posture of their products and services.
Regardless of this effort, remediating a vulnerability by patching is expensive. Cybercriminals are attacking open-source projects directly, so the sheer number of vulnerabilities is rising enormously, making reactive patching even more challenging and costly.
In this session, we'll look at what is happening to move to a more proactive stance. Can we figure out how to predict vulnerabilities? Can we find ways to root out compromised projects? Can we create ways for developers to make better choices at the beginning and reduce the load on the business in patching?
The answer is a qualified yes: it's early days, but heuristics are emerging, along with hard data, to show that we can make a difference.
This talk will give you an introduction to the thinking happening across the industry and show how you can already benefit from this work.