You are viewing content from a past/completed QCon

Presentation: How to Sleep Soundly at Night While Using Open Source


Location: Westminster, 4th flr.

Duration: 2:55pm - 3:45pm

Day of week: Tuesday



Open-source components are prevalent in approximately 97% of modern applications and make up anywhere between 60% and 80% of their codebases. This is hardly surprising given how integrating open source accelerates software development and enables organizations to keep up with today's frantic release pace and the expectation of constantly supplying new features and improvements.

However, taking into consideration the fact that recent years have seen an upsurge in reported open-source vulnerabilities, whose details and exploits are publicly available, it's no wonder that organizations are increasingly directing focus towards ensuring that their open-source components are securely integrated into their software.

This talk begins with two stories and the lessons to be learned from them. First, we'll hear about a famous hack based on a simple CVE exploit and its ramifications, and then about an M&A which suffered major complications due to an overlooked open-source license. During the second half of the talk, we'll discuss how to practically implement the lessons learned from these stories and the role developers can play in driving this process.

Speaker: Guy Bar-Gil

Product Manager @WhiteSourceSoft

I'm Guy Bar-Gil, product manager at WhiteSource, where we enable software development teams to get the best out of using open-source components, without the headache, so they can focus on what they should be doing - making beautifully constructed software.

In my free time, I enjoy reading (everything from fiction to physics), running, snowboarding, surfing, and spending time with family and friends.
