Photo

Safely through the dependency minefield using OWASP Dependency Track

Christoph Menzel

from inovex GmbH (Germany)

About speaker

Christoph Menzel is a software developer by heart and has been part of the inovex team as Head of Mobile & Web Development since 2022. For him, clean code and test automation are two fundamental components of good software development.

About speakers company

.

Abstracts

specific

Fortunately, security in software development is becoming more and more of a central issue. But with increasing complexity of our software and attacks on it, it is getting more important to keep an eye on all dependencies. The OWASP Dependency-Track tool offers a simple and effective solution for exactly this.

In this talk I will show you the benefits of Dependency-Track and you will learn how to use it to identify and avoid risks as well as how easy it is to integrate it into your build pipeline. Another important aspect is the monitoring of the used open source licenses, because here too it is easy to fall into one or two license traps.

Are you ready to discover the power of Dependency Track?

The Program Committee has not yet taken a decision on this talk

other talks of this topic

Photo
Securing K8s: back and forth to RBAC Enforce

Roman Levkin

Exness

specific
Photo
Platform Engineering for a Greener Future

Pini Reznik

re:cinq

broad
Photo
Reduce Alert Fatigue with AIOps

Birol Yildiz

ilert GmbH

broad
Photo
CNCF sandbox project k8up under the hood

Aarno Aukia

VSHN - The DevOps Company

specific
Photo
Knowledge Discovery Efficiency: The FeedHenry Case Study

Benjamin Igna

Stellar Work GmbH

specific
Photo
DevOps for AI: running LLMs in production with Kubernetes and KubeFlow

Aarno Aukia

VSHN - The DevOps Company

specific
Photo
Empowering Developers: Building an Application Catalogue with Crossplane

Aarno Aukia

VSHN - The DevOps Company

specific
Photo
The Balancing Act of Reliability

Yusuf Aytas

Workday

broad
Photo
Pentesting Kubernetes Services in the Cloud

Sergey Chubarov

Independent consultant

specific
Photo
Guarding the ML Galaxy: Beyond Accuracy to Privacy and Security

Rishabh Misra

Attentive Mobile Inc

broad
Photo
CRaCing Java Snapshots

Pasha Finkelshteyn

BellSoft

specific
Photo
Delivering SaaS on-prem with Cloud-native tools

George Hantzaras

MongoDB

specific
Photo
DevOps done right: RBAC

Daniel Drack

FullStackS GmbH

specific
Photo
AI for Next-Gen Security: OpenAI and Copilot for Security Synergy

Sergey Chubarov

Independent consultant

specific
Photo
Behind the curtain of PowerShell cmdlets

Sergey Chubarov

Independent consultant

specific
Photo
Actionable Observability

Lesley Cordero

The New York Times

broad
Photo
How do we deliver Agile Service Management?

Cristan Massey

Pearson Education

specific
Photo
An Intro to Kubernetes Hardening

Ayesha Kaleem

MBition GmbH

broad
Photo
Autonomous Agents and Their Role in Incident Management

Yoseph Reuveni

Not Affiliated

specific
Photo
K8s load testing at scale with k6-operator

Ant(on) Weiss

PerfectScale

specific
Photo
How to Measure PromQL/MetricsQL Expression Complexity

Roman Khavronenko

VictoriaMetrics

specific