Diffing Hex packages

The tech industry is extremely dependent on open source packages. But every dependency you rely on is also a vulnerability. Multiple high-profile packages across platforms have been hijacked and modified with malicious code.

This talk is about the value of auditing dependency updates and the tooling to make it less of a chore, including the introduction of a web-based diffing app and other tooling that helps you create an effortless auditing process.

THIS TALK IN THREE WORDS

Security

Dependencies

Hex

OBJECTIVES

Spread awareness about dependency management and the importance of auditing code. Johanna will also discuss how tooling can make this less of a chore. Security should be easy.

TARGET AUDIENCE

Anyone who works with software.