Solution Study: Best Practices in Open Source Risk Management

Assessing risk in Open Source dependency use can make any security lead sweat. Projects which rarely update dependencies will be the slowest to react and remediate so-called “log4j incidents”, which is often referred to as “security debt”. Meanwhile, the risk of malicious code introduction or account takeovers in Open Source packages is not insignificant, so those who live on the cutting edge of latest versions may also be at increased risk from another angle. How can companies – especially those in highly-regulated industries like Finance – provide sensible guidance to software teams which optimizes their risk?

This presentation will address the challenge from both angles – how much more at risk are projects when they fall behind in dependencies, plus how much risk is there from malicious code in Open Source? Justin Clareburt will deliver this perspective as someone responsible within for both dependency automation solutions as well assupply chain security – scanning for malicious releases in near real-time.

Justin Clareburt - Squad Leader Renovate -


Case Study: Flow statt Flaschenhals - Automatisierte Softwarefreigabe in hoch-regulierten Domänen

Case Study: Evolution of DevOps culture at Netflix

Keynote: DevOps-Praktiken zu etablieren ist einfach, die Kultur zu ändern ist schwer!


Wir freuen uns, Sie auf der Enterprise DevOps Summit zu begrüßen.