Dependencies in open source

If you visit to download code to include in your project, or you visit stack overflow for help, or if you find snippits using a search engine, you have open source dependencies

Actionable Advice

The best part about getting to give a security talk at OSCON is I’m not talking to a security audience, I get to talk to developers about security. Developers, the ones who do the actual work, sometimes in spite of their security teams causing friction and slowing things down.