Upgrading Third-Party Libraries and Software

When defending ourselves against the risks implicit in third-party libraries, we need to know what third-party software we use, and it takes a surprisingly large amount of effort to discover this. Once we know what’s in use, we need the ability to quickly upgrade any of the third-party libraries and any software deployed in our organization. What’s more, we need to be able to test these upgrades so that we can have confidence that the upgrade won’t break anything. We’ll want to automate this as much as possible because we need to do it often and we need to do it correctly. Manual upgrades done infrequently are unlikely to work when applied under extreme stress and at the hurried pace likely to accompany ...
