Better Bug Eradication in the Age of Agile DevelopmentVeracode's Chris Wysopal Details the Latest SecDevOps Techniques
The upside of so-called secure development - writing code that's as free from bugs as possible - has long been known, says Chris Wysopal, CTO of app security vendor Veracode. Numerous studies have pointed to the relatively low cost required to fix code when it's in the development stage and the cost spike that occurs when bugs must be eradicated from production code.
But bugs continue to plague code. With the rise of faster, agile-oriented programming methods, there are new ways to help find and eradicate these flaws earlier in the software development lifecycle, Wysopal says, including by bringing so-called SecDevOps techniques to bear.
In a video interview at RSA Conference 2017, Wysopal discusses:
- Building secure software;
- How organizations are tapping SecDevOps;
- The rise of agile development and its implications for security;
- The business imperative behind writing more secure code.
Wysopal is CTO of Veracode, as well as a member of the Black Hat review board. He was previously vice president of research and development at security consultancy @stake, which was acquired by Symantec. He also was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he researched vulnerabilities and wrote security software such as Netcat for Windows and L0phtCrack.