Build secure open source software with a security-first approach, with Santosh Yadav
Key Discussion Points
Open Source in the Dev Lifecycle
How open source components are used at each phase of development and where the highest-risk exposure points typically occur.
Supply Chain Security
Why software supply chain attacks are on the rise and how to vet, audit, and trust the open source packages your product depends on.
Dependency & Patch Management
Best practices for tracking outdated dependencies, applying patches promptly, and keeping your open source stack secure over time.
Building a Security-First Culture
How development teams can adopt shared ownership of security — making it a natural part of how software is built, reviewed, and shipped.
What You'll Learn
Open Source Risks & Vulnerabilities
How open source dependencies introduce security vulnerabilities and why most teams don't discover them until it's too late.
Security-First Development
How to embed a security-first mindset into every stage of development — from initial design to production deployment.
Mitigating Risks Across the SDLC
Practical techniques for identifying, managing, and remediating open source security risks throughout the software development life cycle.