The speaker discusses the future of application security and the role of OWASP in securing critical open source libraries and frameworks.
- The speaker suggests that the future of application security lies in securing critical open source libraries and frameworks.
- OWASP should focus on curating and fixing critical open source libraries and frameworks to make them more usable for developers.
- OWASP should become a SaaS provider and distribute secure open source libraries.
- The speaker emphasizes the need for a world security team to fix and secure open source projects.
- The speaker suggests that OWASP should partner with big open source projects to teach threat modeling and fix vulnerabilities.

The speaker mentions that installing a package in Node may require downloading 3000 packages, which can be frightening. He also mentions that there are about a quarter of a million vulnerabilities in open source libraries. The speaker suggests that OWASP can step up and address this massive problem.