Event

Dependency Management Report 2024

Date: September 24, 2024
Time: 9:00 am PT - 9:45 am PT
Event Type: Virtual

A ‘software dependency’ refers to external code or libraries that a software project requires to function properly.

Most dependencies are free and open source software (OSS), saving the world an estimated $8.8 trillion in development costs. But OSS isn’t without risks of its own, and the use of generative AI as a development assistant is already creating new challenges. Managing risks, including vulnerabilities, in OSS dependencies is a top concern for organizations seeking to secure the software development lifecycle (SDLC).

Our annual Dependency Management Report explores emerging OSS dependency trends to consider as part of an SDLC security strategy.

  • Dependency management all comes down to effective prioritization
  • Dependency management is impossible with public advisory databases alone
  • Artificial Intelligence makes programming easier, but dependency management harder
