Talk by George-Andrei Iosif
www.socallinux...
Codebases, regardless of location, face security threats. The Okta 2022 breach underscores this risk. Developers are advised to adopt a shift-left approach, tackling code flaws before public release. "The Open Source Fortress" offers a framework for using open-source tools to identify vulnerabilities in codebases. The emphasis is on static techniques like symbolic execution, secret scanning, code querying, and dependency scanning, as well as dynamic techniques such as fuzzing.