Managing Vulnerability Response Dependencies in Third-Party Components - AppSecCali 2019

Explore a comprehensive framework for managing dependencies in vulnerability response during this 53-minute conference talk from AppSecCali 2019. Discover how understanding dependencies can significantly improve the quality of Product Security Incident Response Team (PSIRT) responses, especially when dealing with third-party components. Learn about Dell EMC's successful approach to shifting from reactive to proactive PSIRT responses by implementing dedicated controls earlier in the product lifecycle. Gain insights into managing complex dependency chains, enabling developers to better understand the downstream impacts of upstream decisions, and ultimately enhancing the overall security posture of products incorporating open source and commercial third-party components.

AppSecCali 2019 - It Depends... - Kristen Pascale & Tania Ward