1 option
Securing open source libraries : managing vulnerabilities in open source code packages / Guy Podjarny.
- Format:
- Book
- Author/Creator:
- Podjarny, Guy, author.
- Language:
- English
- Subjects (All):
- Computer security.
- Information resources--Security measures.
- Information resources.
- Physical Description:
- 1 online resource (1 volume) : illustrations
- Edition:
- 1st edition
- Other Title:
- Managing vulnerabilities in open source code packages
- Place of Publication:
- Sebastopol, CA : O'Reilly Media, 2017.
- System Details:
- text file
- Summary:
- Open source software is amazing, but it’s also a complicated beast when it comes to ownership, trust, and security. Many organizations operate mission critical systems with the help of open source libraries, unaware that some of these libraries include vulnerabilities that hackers can easily exploit. This type of vulnerability led to the 2017 Equifax breach. In this practical report, author Guy Podjarny provides a framework to help you continuously find and fix known vulnerabilities in the open source libraries you use. Every software library has potential pitfalls, and vulnerable dependencies are prime targets. Aimed at architects and practitioners in development and application security, this report walks you through practices and tools to protect your applications at scale. Understand what known vulnerabilities are and why they matter Learn how to find and fix vulnerabilities in open source libraries Integrate testing to prevent adding new vulnerable libraries to your code Respond to newly disclosed vulnerabilities in libraries you already use Learn which aspects matter most when choosing a Software Composition Analysis (SCA) testing tool
- Notes:
- Description based on online resource; title from title page (Safari, viewed December 11, 2017).
- ISBN:
- 9781491996980
- 1491996986
- 9781491996973
- 1491996978
- OCLC:
- 1015686912
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.