DevSecOps , Next-Generation Technologies & Secure Development

DevOps and the State of Software Security

Too Many Preventable Code-Level Flaws Still Persist, Says Chris Eng of Veracode
Chris Eng, chief research officer, Veracode

Software development over the past decade: The good news is that more organizations than ever have secure software development practices in place, says Chris Eng, chief research officer at Veracode. But the bad news is that many of the same flaws - including injection vulnerabilities - persist.

See Also: Tips for Implementing Foundational Controls

In a video interview with Information Security Media Group at RSA 2020, Eng also discusses:

  • The concept of "security debt";
  • The rise of DevOps and security;
  • Studying development and security trends for 10 years: What's changed, and what still needs to change?

Eng is chief research officer at Veracode. A founding member of the Veracode team, he currently leads all security research initiatives including applied research, product security, and Veracode Labs. Previously, he served as technical director at Symantec - formerly @stake - and as an engineer at the U.S. National Security Agency.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.