Come learn how enterprises can use industry best practices to manage the risk of a constantly evolving vulnerability landscape and encourage responsible use of Node.js and associated modules at Enterprise scale. This talk will begin with an overview of the security posture of the JavaScript ecosystem and then cover how an Enterprise can reduce the risks in using OpenSource software by being well-managed and purposeful in the usage of Node.js and modules in the JavaScript ecosystem at Enterprise scale. Steve will go into more detail on how this can be done using subject matter experts across a company; how to utilize a working-group model; as well as using process, governance, and automation tools to minimize risk and reduce developer toil.