AppSec California 2020, January 21-24 at the Annenberg Beach House, Santa Monica, CA
Friday, January 24 • 10:00am - 10:25am
Lightning Talk: Operationalizing our Open Source Security Scanner

During Summer 2019, two excellent interns (Ryan Slama and Matt Dwoncyzk) came to Slack to help us build a tool to scan for insecure, out-of-date open source dependencies. But this talk (mostly) isn’t about their tool - it’s about what happened after they wrote the tool and returned to school. We’ll tell you about how we took their awesome proof of concept and integrated it into our daily operations at Slack to help tackle the difficult and ongoing issues around including open source components in enterprise grade software. Along with the specifics of our situation, we'll also reflect on general lessons learned about integrating tooling into reality.

Nikki Brandt

Staff Security Engineer, Slack
Nikki Brandt is a Staff Tech Lead/Manager on the Product Security team at Slack, where she currently leads the Product Security team and drives the security review process. Before joining Slack, Nikki was a senior security consultant at NCC Group (via Matasano), and a security engineer...
Oliver Grubin

Senior Security Engineer, Slack
Oliver Grubin is a Senior Security Engineer on the Product Security Team at Slack where he works on developing tooling, libraries and services to help keep Slack secure.

Friday January 24, 2020 10:00am - 10:25am PST
Terrace Lounge