As React continues to dominate the web development landscape, securing the vast ecosystem of open source dependencies has never been more critical. In 2024, the challenges around React and JavaScript security have evolved, and the risks associated with software supply chain attacks are more pronounced than ever.
In this talk, we’ll explore the current state of JavaScript security, highlighting recent high-profile supply chain attacks and their impact on the development community. We’ll discuss the latest trends, tools, and best practices for managing and securing your JavaScript dependencies.
Key topics will include:
• An overview of recent supply chain attacks and lessons learned
• Effective strategies for mitigating risks from malicious dependencies
• How modern tools and standards are improving the security landscape
• The role of developers and organizations in fostering a secure open source ecosystem
Join Feross Aboukhadijeh, a seasoned open source maintainer and security expert, as he shares insights and practical advice on navigating the complex world of JavaScript security in 2024. This session is essential for developers, security professionals, and anyone invested in maintaining a secure and resilient software supply chain.
This talk was presented at React Summit US 2024.