Lightning Talk Beginner

Guarding the Gates: Secure Open Source Library Consumption with vet

Approved
Sudhanshu Dasgupta
Session Description

Modern software is built on a mountain of open source code, but inside that code there are hidden risks we often overlook: known vulnerabilities, malicious packages, abandoned projects, and incompatible licenses.

In this talk, we'll walk through the real-world problem of insecure OSS consumption and introduce vet, an open source tool designed to automate the vetting of OSS libraries before use. With features like customizable filters and policy-as-code, vet empowers security and engineering teams to build guardrails directly into CI/CD pipelines.

Attendees will get a practical understanding of how to integrate vet into their workflows, reduce technical debt, and make better, safer choices in their dependency stack.

Key Takeaways

1. Helps teams catch vulnerable or risky dependencies before they enter the codebase.
2. Enables organizations to define OSS security policies in code and enforce them consistently.
3. Drives adoption of well-maintained and secure open source projects.

Session Categories

Other
Security
Which track are you applying for?
Main track
