Maria Loughlin is vice president of engineering at Veracode, where she leads development of the application security product suite. She discusses how open source and third party components are changing the threat landscape. Getting developers to keep code libraries current is key to reducing risk, she says. She also discusses how to reduce risk by using component inventories and developer education to mitigate risks of open source components and third-party sources. Loughlins talks about the importance of maintaining code libraries and keeping them current.”]
Source: https://www.databreachtoday.com/open-source-components-managing-risks-a-11895