How to Score an A+ on C++ in Open Source Security

Presented by

John O'Zemko, Manager Sales Engineering

About this talk

Software vendors and development teams that build their applications on low-level languages like C and C++ are aware of the complexity that comes with using these versatile and adaptable languages. As such, most teams have processes in place to review code for security and quality issues. However, most teams have a glaring blind spot: the open source used in their applications. Despite making up 77% of the average application, open source can be difficult to track in C and C++ applications because of the lack of standardization around package manager use. Join us to learn how you can make open source risk management a part of your application security program.

We will discuss:

- How open source dependencies are used in C and C++ development
- Security, quality, and IP compliance risk of untracked open source dependencies
- How Black Duck SCA handles open source in C and C++ where others fall short

Black Duck® offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. As of October 1, 2024, the Synopsys Software Integrity Group is now Black Duck®.