The Hidden Dangers of Component Vulnerabilities

Dangerous flaws in open source components and dependencies lurk within most applications today.
Components Make Up A Huge Part Of Modern Software
The Majority Of Applications Contain Component Vulnerabilities
Increased Breaches Due To Flawed Components
Organizations Have No Open Source Policy
Organizations Don't Track Or Control Components
Old Components Are De Rigueur
Component Dependencies Are More Than Skin Deep:

It's been four years since OWASP first put third-party vulnerability risks squarely on the appsec map when it included the problem in its Top 10 list. But in that time, the risk has only grown as increasingly more applications today depend heavily on open-source libraries, frameworks, and other components, all with their own vulnerabilities.

It's a very large attack surface for applications today and one which has increased chances of security headaches. Here are some of the latest stats on this hidden problem.

Next slide
Recommended Reading: