Putting some reality to the state-sponsored backdoors (Huawei) and supply-chain compromise
The risks coming through the door with the products you buy
The case for setting up an independent testing lab for mitigating 'backdoor' accusations
Chris gives an interesting assessment of software security practices in the enterprise
Chris discusses holding your vendor to the same standards you hold yourself
What does it mean that enterprises are doing a "good job" in SwSec?
Chris goes there, open-source components as part of supply chain risk
James asks "How do smaller buyers leverage scale to hold their suppliers accountable?"
Why do we still see SQL Injection?! Are we ever going to get rid of it?
Chris Wysopal (@Weldpond) - Chris is the Founder, CTO and CISO of Veracode, a company dedicated to software security as-a-service. Chris has a long and storied history in the security industry dating back to L0pht Heavy Industries. His bio and profile can be found on LinkedIn.