Ending Open Source Security Fatigue - Lessons from Major Vulnerabilities

Explore strategies to mitigate open source security fatigue in this 44-minute conference talk from All Things Open 2022. Dive into lessons learned from three major open source security events: the Equifax breach via Struts, Log4j vulnerabilities, and Spring4Shell exploit. Analyze these situations as case studies to understand how security, engineering, and operations teams can streamline countermeasures for maintaining security and resilience without causing upheaval with each new vulnerability discovery. Examine past approaches that have failed and discover practical solutions to make vulnerability management less of a headache. While not eliminating vulnerabilities entirely, gain insights on reducing their impact and streamlining response processes for more efficient open source security practices.

Say Vulnerabilities One More Time - Ending Open Source Security Fatigue - Alyssa Miller