Application Security , Technology

Better Bug Eradication in the Age of Agile Development

Veracode's Chris Wysopal Details the Latest SecDevOps Techniques

The upside of so-called secure development - writing code that's as free from bugs as possible - has long been known, says Chris Wysopal, CTO of app security vendor Veracode. Numerous studies have pointed to the relatively low cost required to fix code when it's in the development stage and the cost spike that occurs when bugs must be eradicated from production code.

See Also: IoT is Happening Now: Are You Prepared?

But bugs continue to plague code. With the rise of faster, agile-oriented programming methods, there are new ways to help find and eradicate these flaws earlier in the software development lifecycle, Wysopal says, including by bringing so-called SecDevOps techniques to bear.

In a video interview at RSA Conference 2017, Wysopal discusses:

  • Building secure software;
  • How organizations are tapping SecDevOps;
  • The rise of agile development and its implications for security;
  • The business imperative behind writing more secure code.

Wysopal is CTO of Veracode, as well as a member of the Black Hat review board. He was previously vice president of research and development at security consultancy @stake, which was acquired by Symantec. He also was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he researched vulnerabilities and wrote security software such as Netcat for Windows and L0phtCrack.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.




Around the Network