View, browse, and sort the ever-growing list of sessions by pass type, track, and format. With this Schedule Builder, you can build your schedule in advance and access it during the show via export or with the mobile app, once live. For your schedule to sync properly with the mobile app, be sure to login to Schedule Builder with the same email address you used to register for Interop 2019.
Sessions do fill up and seating is first come, first serve, so arrive early to sessions that you would like to attend. Please note that adding a session into your agenda does NOT guarantee you a seat to the session.
Daniel Sauble (Product Manager, NPM)
Location: Grand Ballroom E
Date: Thursday, May 23
Time: 1:30pm - 2:20pm
Pass type: All Access, Conference - Get your pass now!
Track/Topic: Security, DevOps
Format: Conference Session
Vault Recording: TBD
Open-source software (OSS) has many benefits, but with those benefits come risks.
OSS is designed for reusability, the code is transparent, and you can incorporate OSS components into your own applications as dependencies. Great!
However, open-source projects might have vulnerabilities or be hijacked by bad actors—thus compromising any applications that depend on those projects. Dependencies hosted in public repositories can disappear, breaking your builds. Complexity can obscure the true surface area of your application, making it difficult to spot security holes in your apps.
The list of risks goes on, but you can mitigate them. In this session, learn the importance of picking a trusted source of OSS components; how to check publicly available data for issues in components; how caching dependencies can improve the speed and reliability of your build pipeline; and how automation can help you find and fix OSS security issues quickly.