Velichka Atanasova

Velichka is a Senior Open Source Engineering Manager in VMware’s Open Source Program Office where she thrives exploring the innovation capabilities and collaborative power of open source.
Before joining VMware in 2019, she spent more than a decade working for a large international financial institution, rising from a junior .NET engineer to the head of the software development department in Sofia, Bulgaria. Over the years, she has engaged in all aspects of the software development lifecycle and gained considerable knowledge and experience in Project and People Management.
Velichka lives in Sofia with her partner and is raising two smart and self-confident young ladies.


Session

03-13
14:35
30min
Dependency Management: Risk vs. Crisis Management
Radoslava Zheleva, Velichka Atanasova

The dependency graphs of modern applications greatly demonstrate how we build software today – we focus on our unique innovation and deal with common challenges by leveraging existing solutions. Though that’s a fine software development approach, each third-party component we use drags along dependencies that drag along their dependencies, and we end up with tons of known and unknown dependencies which could get us into legal and security trouble.

To identify and mitigate risks, we need increased knowledge of all software assets, choosing dependency wisely, tacking changes, and timely updating them.

In this talk we are going to explore the legal and security dependency management challenges and argue that risk management planning is better than crisis management.

Legal & Compliance
Stage 1