DevOps and the State of Software SecurityToo Many Preventable Code-Level Flaws Still Persist, Says Chris Eng of Veracode
Software development over the past decade: The good news is that more organizations than ever have secure software development practices in place, says Chris Eng, chief research officer at Veracode. But the bad news is that many of the same flaws - including injection vulnerabilities - persist.
In a video interview with Information Security Media Group at RSA 2020, Eng also discusses:
- The concept of "security debt";
- The rise of DevOps and security;
- Studying development and security trends for 10 years: What's changed, and what still needs to change?
Eng is chief research officer at Veracode. A founding member of the Veracode team, he currently leads all security research initiatives including applied research, product security, and Veracode Labs. Previously, he served as technical director at Symantec - formerly @stake - and as an engineer at the U.S. National Security Agency.