The State of Open Source Security Management RSA 2019
It is no secret - open source has become the main building block in modern applications, and it is almost impossible to develop software at today's pace without it. However, as the open source community grows, and the number of reported vulnerabilities keeps climbing, manually verifying the security and compliance of open source components can no longer provide the necessary control over the security of these components.