Presented at
Black Hat Europe 2017,
Dec. 6, 2017, 2:55 p.m.
(25 minutes).
The future of software development is the "full spectrum engineer". The speed demands of modern development require not just the ability to move up and down the stack, but across the spectrum of processes from design, coding, functional and non-functional testing and deployment. Maximizing velocity requires the work of one engineer to be available to the customer without coordination with others. This means the "full spectrum engineer" must have the capability of also securing their own work. The future software engineer will know about software security and will have automated tools at their disposal. We will still have specialists to go deep but software security will no longer be thought of as a specialist discipline.
Presenters:
-
Chris Wysopal / Weld Pond
- Chief Technology Officer, CA/Veracode
as Chris Wysopal
Chris Wysopal is Co-Founder, Chief Technology Officer at Veracode, which he co-founded in 2006. He oversees technology strategy and information security. Prior to Veracode, Chris was vice president of research and development at security consultancy @stake, which was acquired by Symantec.
In the 1990's, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the US Congress on the subjects of government security and how vulnerabilities are discovered in software.
Chris received a BS in computer and systems engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing.
Links:
Similar Presentations: