Breaking Down Findings & Insights From Contrast Security's 2021 State of Open-source Security Report

Much attention has been given to the software supply chain over the past several months due to the SolarWinds hack. Open-source libraries are a critical part of the software supply chain, and they can pose serious risk if they are not monitored and managed appropriately. Legacy software composition analysis tools treat all third-party vulnerabilities as if they were on a level playing field. But the reality is that most third-party code is never invoked by the application in which it resides and poses no risk. In this Inside AppSec Podcast, a group of experts from Contrast Security discusses findings and insights from the new 2021 State of Open-source Security Report by Contrast Labs. The discussion touches on library complexities as well as five layers of open-source risk.

About the Podcast

Contrast Security provides the industry’s only DevOps-Native AppSec Platform using instrumentation to continuously analyze and protect software from within the application. This enables businesses to see more of the risks in their software, with fewer development delays and less AppSec complexity. The Contrast platform integrates seamlessly into development pipelines, enabling easier security bug and vulnerability fixes that significantly speed release cycles. The Contrast Inside AppSec Podcast features informative, engaging interviews with security, development, and business leaders on application security trends and innovation. Visit Contrast Security at contrastsecurity.com.