Solving Systemic Risk in Software Development – Chris Wysopal – ASW #176



In today’s session Chris Wysopal will address a number of topics with Mike, including systemic risk in software development and how developers and security teams can work together to meet common goals and solve the speed vs. security dilemma. Specifically, they’ll discuss processes for fixing more vulnerabilities faster and tools for ensuring developer success. And they’ll talk about improving the overall maturity of DevOps teams through good development practices, good testing, remediation, and training.

Segment Resources:
– Veracode State of Sofware Security v11
https://www.veracode.com/state-of-software-security-report
Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Solving Systemic Risk in Software Development

Guests

Chris Wysopal

Chris Wysopal – Co-Founder, CTO & CISO at Veracode

@WeldPond

Chris Wysopal is Chief Technology Officer and co-founder at Veracode. He oversees technology strategy and information security. Prior to co-founding Veracode in 2006, Chris was vice president of research and development at security consultancy @stake, which was acquired by Symantec. In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the US Congress on the subjects of government security and how vulnerabilities are discovered in software. Chris received a BS in computer and systems engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing.

Hosts

John Kinsella

John Kinsella – Co-founder & CTO at Cysense

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Security Partner at Square

@Codexatron

Mike Shema is a Security Partner at Square.

Announcements

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.