The challenge of software security in a DevOps-driven world is
enormous. The most effective place to give developer feedback and why
it’s manyfolds effective than where most people are giving it today.
As per one of the research 96.8% code on the internet is OpenSource.
When Open Source is a major part of the code and whole DevSecOps. It
becomes imperative to know the aspects of the open source’s usage, if
the open source libraries are not used properly or updated on time,
open source can make the applications severely vulnerable.
With the talk, we will find the hidden threats with open source
projects, DevSecOps pipeline and how OWASP Projects can help fix the
Vandana is a seasoned security professional with experience ranging from application security to infrastructure and now dealing with DevSecOps. She has been Keynote speaker / Speaker / Trainer at various public events ranging from Global OWASP AppSec events to BlackHat events to regional events like BSides events in India. She is part of the OWASP Global board of directors and works at Snyk as Security Leader. She also works in various communities towards diversity initiatives InfosecGirls, WoSec and null.