Loading…
November 19-21 2024
Napa, California
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for the event to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Wednesday November 20, 2024 9:30am - 10:00am PST
“Perfect is the enemy of good.” Whether it was Voltaire or Aristotle who said it first, it’s true for risk management in open source software.

For both vulnerability mitigation and license compliance, risk management is always a sliding scale. How do you define or apply practical policies to focus identification and mitigation for the highest risk vulnerabilities in the context of your technology stack? And for the highest risk licenses in the context of how you deploy or distribute products or applications?

In this talk, Michael will discuss setting priorities for open source software compliance and how to avoid the pitfalls of focusing on low value / high cost activities, based on over 15 years of experience running Software Composition Analysis projects. The best advice? Focus on accuracy over precision.
Speakers
avatar for Michael Herzog

Michael Herzog

co-founder and CEO, nexB
Wednesday November 20, 2024 9:30am - 10:00am PST
Vintner's Court
  Legal Track Sessions
  • Content Experience Level Beginner
  • Slides Attached Yes
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link