Achieving the Impossible: 3 Steps to Minimize Risk & Reap the Benefits of Secured Open Source
Open source has been with us for decades, but organizations are still struggling with dependency management, environment reproducibility and security. At the core of the issue is the need to enable developers to manage potential exploits while still allowing for an agile SDLC.
Unfortunately, existing solutions such as private repositories, SCA and AST do not fully address the open source supply chain problem, giving limited visibility into the full hidden dependency tree, and lacking the ability to produce secure environments at scale or quickly remediate vulnerabilities as they emerge.
In this webinar, we walk through 3 tenets of securely integrating open source into your development process (technical demo included):
- Observability: Knowing what open source components are in use, where they are being used, and where they came from.
- Scalability: Empowering developers with reproducible environments comprising vetted packages built from source. Ability to deploy environments across different operating systems and integrate into CI/CD systems.
- Remediation: Identifying all known CVEs in projects across your organization, and updating those components without fear of breaking a build.
Learn how ActiveState complements existing solutions to fully secure your software supply chain, and how you can make open source security seamless for your development team.
Pete Garcin, Director of Product, ActiveState
Pete has more than 15 years of software development experience in open source and games. He earned his undergraduate degree at the University of Waterloo, and an MA in Communication from Carleton University in Ottawa. He is passionate about engaging with communities and dedicated to enhancing developers’ experiences.
Evan Cole, Sr. Solutions Engineer, ActiveState
Evan is a Senior Solutions Engineer at ActiveState, where he collaborates with some of the world’s top and security-focused organizations to fortify their open-source software supply chains and foster agile development. A dedicated advocate for open-source technology, Evan possesses an in-depth understanding of the Machine Learning ecosystem.