Open Source Security - What Security Testing Tools Miss

This is a past event

37 people went

Constant Contact

1601 Trapelo Rd · Waltham

How to find us

Trapelo Rd. exit from Rt. 128, toward Lincoln. The parking lot entrance is on the right, at the first traffic light. Drive around to the front of the office complex, facing the highway. Enter under the clock tower.

Location image of event venue

Details

7 pm - News, OWASP tools, documents review

7:20 pm - Black Duck Software presents - Static analysis, dynamic analysis, and other testing tools are all essential weapons against adversaries. But for the 80%+ of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks . This presentation will cover:

The value of static and dynamic tools, and where they best fit in the Secure Development Lifecycle

Why these tools are not useful in identifying known vulnerabilities in open source components

Controls development and security professionals can deploy to select, detect, manage and monitor open source for existing and newly disclosed vulnerabilities

Food will be provided by Constant Contact.

Park in the front of the building and enter in the main building lobby, continue down the hallway and you will see the innovation center, enter in the large glass doors.

ALSO - Software Development Life Cycle - Akshat Pradhan

The SDLC. One engineer said it was an abstract concept. Another engineer mentioned it was Agile. And someone else said it's a Life Cycle. In this talk, we're going to discuss the SDLC.

About

Akshat Pradhan (https://www.linkedin.com/in/akshatpradhan) is Founder and Product Director of ComplianceChamp (http://www.compliancechamp.com/) - a consultancy service to manage your compliance (i.e. ISO 27001, PCI-DSS, HIPAA, FEDRAMP, SOC2). In addition to auditing, Akshat loves bringing people together to learn from each other, grow their capabilities, and collaborate to build secure things. For the past 6 years, he's been chair and organizer of the Boston Security Meetup - growing it from 0 to 2400+ members. Boston Security Meetup (http://www.meetup.com/boston-security-meetup/) is the second largest hacker organization on Earth after OWASP NYC!