The Dark Side of Open Source

Open source software is embedded almost everywhere right now. It’s hard to imagine building anything today without it. While this is remarkable and clearly accelerates development, it also introduces risk, as several recent supply chain attacks have shown. In this session, Feross Aboukhadijeh will explore examples of recent supply chain attacks and offer strategies for protecting yourself against them.

Open source code makes up 90% of most codebases. How do you know if you can trust your open source dependencies? Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2024 and beyond. We’ll dive into examples of recent supply chain attacks and what concrete steps you can take to protect your team from this emerging threat.

Feross is founder and CEO at Socket, a developer-first security platform. Feross has worked in open source software for 10+ years writing some of the most-downloaded JavaScript packages. Feross is a lecturer at Stanford where he teaches CS 253 Web Security. Socket makes a developer-first security platform that prevents vulnerable and malicious open source dependencies from infiltrating your software supply chain. Thousands of organizations in every industry use Socket to safely discover, audit, and manage OSS at scale.
