Following DevSecOps means approaching security as an ongoing part of software development—and staying up to date on the code your software depends on.
Join Jon Kohler, Nutanix Technical Director, and GitHub Product Manager Maya Kaczorowski for an in-depth conversation about how Nutanix uses Dependabot and the GitHub dependency graph to understand which dependencies they use, their vulnerabilities, and how to patch them, and then get back to work.
In this talk, we’ll cover:
- What a software supply chain is and how to secure yours
- How to identify, manage, and update your dependencies using Dependabot and GitHub’s dependency graph
- How to report open source vulnerabilities and why