While known vulnerabilities and out-of-date components seem like apparent risks, OSS has several other key risks that should be considered as well.

In this talk, we will cover the Top 10 OSS Risks. This includes common considerations such as known vulnerabilities and unmaintained or outdated software but also other key risks such as the compromise of a legitimate package, license risks, and excessive use of dependencies.

This talk will feature the Top 10 OSS Risks https://owasp.org/www-project-
open-source-software-top-10/ and include examples and case studies of notable OSS incidents tied to the risks discussed. It will also provide actionable takeaways for security and technology leaders to equip them to securely consume and utilize OSS in their enterprise environments and software/products while mitigating some of the most relevant risks associated with OSS