Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies.

Today we speak with Feross Aboukhadijeh, CEO and founder of Socket, a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies.

After listening to the episode, be sure to visit the Socket website, connect with Feross on Twitter, and check out his personal website.

Mentioned in this episode:

Socket at https://socket.dev/ 

Feross on X at https://x.com/feross 

Feross website at: https://feross.org/