You are viewing content from a past/completed QCon -

Presentation: How to Sleep Soundly at Night While Using Open Source


Location: Westminster, 4th flr.

Duration: 2:55pm - 3:45pm


Open-source components appear in approximately 97% of modern applications and make up anywhere between 60% and 80% of their codebases. This is hardly surprising, given how integrating open source accelerates software development and enables organizations to keep up with today's frantic release pace and the expectation of constantly supplying new features and improvements.

However, recent years have seen an upsurge in reported open-source vulnerabilities whose details and exploits are publicly available, so it's no wonder that organizations are increasingly focusing on ensuring that their open-source components are securely integrated into their software.

This talk begins with two stories and the lessons to be learned from them. First, we'll hear about a famous hack based on a simple CVE exploit and its ramifications, and then about an M&A which suffered major complications due to an overlooked open-source license. During the second half of the talk, we'll discuss how to practically implement the lessons learned from these stories and the role developers can play in driving this process.

Speaker: Guy Bar-Gil

Product Manager @WhiteSourceSoft

I'm Guy Bar-Gil, product manager at WhiteSource, where we enable software development teams to get the best out of using open-source components, without the headache, so they can focus on what they should be doing - making beautifully constructed software.

In my free time, I enjoy reading (everything from fiction to physics), running, snowboarding, surfing, and spending time with family and friends.
