Tackling vulnerabilities in third-party packages


Details
NOTE: The following will be in effect and mandatory for this meeting venue.
- RSVPs will close at 11:59 PM PT on Monday, July 21st, so kindly submit your RSVP by then. Walk-ins will not be permitted.
- Google Security mandates that RSVPs include your full name (in Meetup settings) and that you bring your ID, which will be checked at the entrance to match your RSVP.
- If your first and last name do not appear in our admin view, we will contact you.
- Alternatively, feel free to reach out directly or email us at orange-county-leaders@owasp.org to provide that information.
Parking
Park in the public garage structure next to the building. We will be providing paid tickets for exiting the garage.
Live Stream
Stream us live on Twitch: http://twitch.tv/owaspoc
Please change your RSVP to "No" if you can't make it and/or will join via livestream instead.
Abstract
Dependency scanners often overwhelm developers with non-critical issues, reducing development efficiency. This session will introduce strategies for effective software dependency management, aimed at realistic security goals. We'll cover how to identify and prioritize key vulnerabilities using tools like code-scanning reachability analysis, ensuring a smoother remediation process.
