In today’s software ecosystem, the inclusion of dependencies in applications is practically a given. The use of dependencies has many benefits in terms of team velocity and business value, but they also come with risks. It is often suggested that “shifting left” is the best method to combat security risks in dependencies such as vulnerabilities, but this only catches vulnerabilities that have already been introduced. Implementing measures and best practices to prevent them from entering applications in the first place would be a more holistic approach. In this talk, you’ll learn about best practices for managing your dependencies and how to reap their benefits in your applications, without compromising on security or velocity.