Jan 6, 2014

In this episode

  • Chris Wysopal - who is that masked man?
  • Putting some reality to the state-sponsored backdoors (Huawei) and supply-chain compromise
  • The risks coming through the door with the products you buy
  • The case for setting up an independent testing lab for mitigating 'backdoor' accusations
  • Chris does an interesting assessment on software security practices in the enterprise
  • Chris discusses holding your vendor to the same standards you hold yourself
  • What does it mean that enterprises are doing a "good job" in SwSec?
  • Chris goes there, open-source components as part of supply chain risk
  • James asks "How do smaller buyers leverage scale to hold their suppliers accountable?"
  • Why do we still see SQL Injection?! Are we ever going to get rid of it?

Guest

  • Chris Wysopal (@Weldpond) - Chris is the Founder, CTO and CISO of Veracode, a company dedicated to software security as-a-service. Chris has a long and storied history in the security industry dating back to L0pht Heavy Industries. His bio and profile can be found on LinkedIn.