Webinar On Demand

Resolving the C/C++ Dependency Management Blind Spot

Recorded December 14, 2022

View a Complimentary Live Webinar Sponsored by FOSSA

C and C++ are efficient, flexible languages used in a number of performance-critical areas, like games, graphics, networking, and databases.

But the nature of the C/C++ ecosystem — coupled with the lack of a universally adopted package management story — has made it difficult for many organizations to maintain visibility into their C/C++ dependencies. This, in turn, has added significant complexity to managing open source licensing and security issues in C/C++.

In this webinar, we’ll share insight into the root causes of the C/C++ open source dependency identification problem — and ways to solve it, including:

  • Why tracking dependencies and their licenses and vulnerabilities is more complex in C/C++ than in other languages
  • Pros and cons (from an open source risk management standpoint) of different C/C++ dependency inclusion methods
  • FOSSA’s approach to identifying C/C++ dependencies and managing open source risk — and its underlying design philosophies
  • Why open source license compliance and vulnerability management are now more important than ever



Jessica Black, Senior Software Engineer, FOSSA

Jessica Black is a senior software engineer at FOSSA. She specializes in backend software and CLIs, primarily using languages like Rust and Haskell. When not programming, she’s usually enjoying Portland’s rain with a book or playing an MMO.

AaronWilliams_Headshot (1)

Aaron Williams, VP of Marketing, FOSSA

Aaron Williams leads FOSSA’s marketing, including our DevRel program. He has spent the past 20 years building developer communities at startups including Heavy.AI and D2iQ, and was an early leader within the Java Community Process. He’s also a huge TV junkie and occasional half marathon runner.