TRENDING:

Application Security , Next-Generation Technologies & Secure Development

Better Bug Eradication in the Age of Agile Development

Veracode's Chris Wysopal Details the Latest SecDevOps Techniques Mathew J. Schwartz (euroinfosec) • February 14, 2017    

The upside of so-called secure development - writing code that's as free from bugs as possible - has long been known, says Chris Wysopal, CTO of app security vendor Veracode. Numerous studies have pointed to the relatively low cost required to fix code when it's in the development stage and the cost spike that occurs when bugs must be eradicated from production code.

See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack

But bugs continue to plague code. With the rise of faster, agile-oriented programming methods, there are new ways to help find and eradicate these flaws earlier in the software development lifecycle, Wysopal says, including by bringing so-called SecDevOps techniques to bear.

In a video interview at RSA Conference 2017, Wysopal discusses:

  • Building secure software;
  • How organizations are tapping SecDevOps;
  • The rise of agile development and its implications for security;
  • The business imperative behind writing more secure code.

Wysopal is CTO of Veracode, as well as a member of the Black Hat review board. He was previously vice president of research and development at security consultancy @stake, which was acquired by Symantec. He also was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he researched vulnerabilities and wrote security software such as Netcat for Windows and L0phtCrack.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Previous
The Need for Next-Generation Endpoint Protection
Next
Why Cybercrime Business Is Still Booming

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.



Around the Network

Why Entities Should Review Their Online Tracker Use ASAP
Why Entities Should Review Their Online Tracker Use ASAP
Threat Modeling Essentials for Generative AI in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare
Zero Trust, Auditability and Identity Governance
Zero Trust, Auditability and Identity Governance
Critical Considerations for Generative AI Use in Healthcare
Critical Considerations for Generative AI Use in Healthcare
Inside Look: FDA's Cyber Review Process for Medical Devices
Inside Look: FDA's Cyber Review Process for Medical Devices
Why Connected Devices Are Such a Risk to Outpatient Care
Why Connected Devices Are Such a Risk to Outpatient Care
Why OT Security Keeps Some Healthcare Leaders Up at Night
Why OT Security Keeps Some Healthcare Leaders Up at Night
The State of Security Leadership
The State of Security Leadership
Addressing Security Gaps and Risks Post-M&A in Healthcare
Addressing Security Gaps and Risks Post-M&A in Healthcare
Generative AI: Embrace It, But Put Up Guardrails
Generative AI: Embrace It, But Put Up Guardrails

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.