Why does a “simple upgrade” often take so long, and why's it *so hard* to get development teams to do it?
Fix Faster is a hands-on workshop for AppSec and Product Security practitioners who want to address security issues faster and more effectively.
This beginner-to-intermediate training is your chance to step into a developer’s shoes. Through live demonstrations, interactive discussions, and guided exercises, we’ll simulate project-based challenges—walking into unfamiliar, legacy codebases and working through realistic constraints to remediate vulnerabilities. Participants will face real-world scenarios across Java and Python ecosystems, gaining firsthand experience in remediating known vulnerabilities in open source software. With more empathy for "upgrade hell", you can better partner with your dev teams to help your org reduce risk faster.
We'll cover:
- Establishing a basic understanding of the complexities of software dependency management, such as breaking changes, version constraints and bugs
- Complex and simple upgrades for direct and transitive dependencies
- Evaluating remediation strategies, including vendoring, downgrading, and upgrading
Agenda:
1:30 - 2:00 PM - Check-in & Welcome
2:00 - 4:00 PM - Workshop Fix Faster
4:00 - 5:00 PM - Happy Hour