Securing Open Source Software - End-to-End, at Massive Scale, Together

Explore the critical challenges and strategies for securing open source software in this 40-minute Black Hat conference talk. Delve into key lessons learned from coordinating industry-wide remediation of major vulnerabilities like Heartbleed and Shellshock. Examine the threat model of unmitigated challenges in the open source ecosystem, and analyze new data revealing the fragility and interdependence of core infrastructure security. Debate the complexities of securing OSS at scale, and uncover unspoken truths about coordinated disclosure. Gain valuable insights from Jennifer Fernick and Christopher Robinson on addressing the growing attack surface of open source software in enterprise environments and its foundational role in internet infrastructure.

Securing Open Source Software - End-to-end, At massive scale, Together