Stranger Danger: Addressing Vulnerable CF Application Dependencies
Stranger Danger: Addressing Vulnerable CF Application Dependencies [B] - Guy Podjarny, CEO, Snyk Open source packages are an incredible productivity boost, but also represent an undeniable risk. Such packages often include severe vulnerabilities, easily discovered and exploited by attackers. Keeping up-to-date on Cloud Foundry protects you from kernel and operating system vulnerabilities, but what about your application’s dependencies, pulled from npm, Maven, RubyGems and more? This talk will help you understand the risk and how to protect your application from vulnerable packages. We’ll demonstrate real world exploits on a live CF application, demonstrating their impact. We’ll then explain the steps you should put in place to address these vulnerabilities, and how to best implement them in your dev process and CF environment. Guy Podjarny Snyk CEO London, UK Twitter Tweet Websitehttps://snyk.io/ Guy Podjarny (@guypod) is a cofounder at Snyk.io, focusing on securing open source code. Guy was previously CTO at Akamai following their acquisition of his startup, Blaze.io, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker, the author of "Responsive & Fast”, “High Performance Images” and the upcoming “Securing Open Source Code”.