Bad actors have recognized the power of open source and are beginning to create their own attack opportunities. This new form of assault, in which OSS project credentials are compromised and malicious code is intentionally injected into libraries, allows hackers to poison the well. Learn how security teams and developers must work together to stop this trend.
Derek E. Weeks is the world’s foremost researcher on the topic of DevSecOps and securing software supply chains. For the past five years, he has championed the research of the annual State of the Software Supply Chain Report and the DevSecOps Community Survey. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation. Derek is also the co-founder of All Day DevOps, an online community of 65,000 IT professionals. In 2018, Derek was recognized by DevOps.com as the “Best DevOps Evangelist” for his work in the community.