Securing open source libraries managing vulnerabilities in open source code packages
Open source software is amazing, but it’s also a complicated beast when it comes to ownership, trust, and security. Many organizations operate mission critical systems with the help of open source libraries, unaware that some of these libraries include vulnerabilities that hackers can easily exploit...
| Otros Autores: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Sebastopol, CA :
O'Reilly Media
2017.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630370906719 |
| Sumario: | Open source software is amazing, but it’s also a complicated beast when it comes to ownership, trust, and security. Many organizations operate mission critical systems with the help of open source libraries, unaware that some of these libraries include vulnerabilities that hackers can easily exploit. This type of vulnerability led to the 2017 Equifax breach. In this practical report, author Guy Podjarny provides a framework to help you continuously find and fix known vulnerabilities in the open source libraries you use. Every software library has potential pitfalls, and vulnerable dependencies are prime targets. Aimed at architects and practitioners in development and application security, this report walks you through practices and tools to protect your applications at scale. Understand what known vulnerabilities are and why they matter Learn how to find and fix vulnerabilities in open source libraries Integrate testing to prevent adding new vulnerable libraries to your code Respond to newly disclosed vulnerabilities in libraries you already use Learn which aspects matter most when choosing a Software Composition Analysis (SCA) testing tool |
|---|---|
| Descripción Física: | 1 online resource (1 volume) : illustrations |
| ISBN: | 9781491996980 9781491996973 |
