Snyk’s annual report on “The State of Open-Source Security” demonstrates that many organizations are still struggling to tackle container security: each of the top ten most popular default Docker images contained at least 30 vulnerable system library versions. The official Node.js image has the most, shipping with 580 vulnerable system libraries installed. Snyk’s research also found that one in four open source maintainers do not audit their code bases, and that 81% of respondents feel that developers should own the security of their application.
Summit
Panel: The State of Open-Source Security
About Simon Maple
Simon Maple is the Field CTO at Snyk, a Java Champion since 2014, JavaOne Rockstar speaker in 2014 and 2017, Duke’s Choice award winner, Virtual JUG founder and organiser, and London Java Community co-leader. He is an experienced speaker, having presented at JavaOne, DevoxxBE, UK, & FR, DevSecCon, SnykCon, JavaZone, Jfokus, JavaLand, JMaghreb and many more including many JUG tours. His passion is around user groups and communities. When not traveling, Simon enjoys spending quality time with his family, cooking and eating great food.
About Liran Tal
A GitHub Star, recognized for activism in open source communities and advancing web and Node.js security. Member of the Node.js Foundation ecosystem security working group, project lead and contributor to the OWASP Foundation, and Developer Advocate at Snyk.