Conf42: DevSecOps 2022

- premiere 5PM GMT

...

Going Beyond Metadata: Why We Need to Think of Adopting Static Analysis in Dependency Tools

Joseph Hejderup
Research Engineer @ Endor Labs

Joseph Hejderup's LinkedIn account Joseph Hejderup's twitter account


Software supply chain threats is on the rise. Existing dependency analyzers are looking to use static analysis to reduce false positives. I will hold a design discussion with practical examples on the promises & perils of moving towards adopting static analysis in package environments.

Awesome conferences for

Priority access to all content

Community Discord

Exclusive promotions and giveaways