DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

An Intelligent Approach to Upgrading Open Source Libraries

Session

NEW SCHEDULE:
✓ August 31 – September 3

Register Now

NEW SCHEDULE:
✓ August 31 – September 3

Register Now

Until April 30:
✓ Raspberry Pi or C64 Mini for free
✓ Save up to 520 €
Register now
Bis 30. April:
✓ Raspberry Pi oder C64 Mini for free
✓ Bis zu 520 € sparen
Jetzt anmelden
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until May 28:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until May 28:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until Conference Starts:
✓ Group Discount
✓ Individual offers for
Freelancers and employees of scientific institutions

Register now
Bis Konferenzbeginn
✓ Kollegenrabatt

✓ Sonderkonditionen für Freelancer und
Mitarbeiter von wissenschaftlichen Einrichtungen

✓ Bis zu 375 € sparen
Jetzt anmelden

Maintaining secure versions of third-party libraries is a repetitive and tedious task at best. At worst, with many interdependent internal projects (think microservices) and dozens of layers of transitive dependencies, it is a logistical nightmare. A top-down, ad hoc approach is often used to resolve vulnerable third-party libraries, prioritizing high-severity vulnerabilities or internal projects critical to business functions, but failing to address the larger impact of vulnerabilities. TraceLink is taking a different approach, utilizing the graph structure of interconnected projects to perform security upgrades in an informed order from the bottom up. This talk will explore why the traditional approach is ultimately ineffective and show how the bottom-up approach addresses these shortcomings. It will also introduce open source software that defines an explicit strategy for third-party library version maintenance, aiding in the completion of vital security upgrades and compounding the effects of each upgrade to reduce overall work done.

This Session belongs to the Diese Session gehört zum Programm vom BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von London London .

Take me to the full program of Zum vollständigen Programm von Berlin Berlin .

This Session belongs to the Diese Session gehört zum Programm vom BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von New York New York .

This Session belongs to the Diese Session gehört zum Programm vom BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Singapore Singapur .

This Session belongs to the Diese Session gehört zum Programm vom BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Munich München .

This Session Diese Session belongs to the gehört zum Programm von BerlinBerlin program. Take me to the current program of . Hier geht es zum aktuellen Programm von London London , Berlin Berlin , New York New York , Singapore Singapur or oder Munich München .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the way towards DevOps

Live Demo #slideless

Showing how technology really works