Application Security: Offense Vs. Defense
Sonatype's Matt Howard on the Evolution of the Secure Code Discussion
Amidst a multi-city tour, ISMG and Sonatype visited Boston for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses how the conversation highlights the offense vs. defense approaches to securing critical applications.
There are generally two world views on how to improve application security posture, Howard says. "There's the familiar view of 'let's build perimeter defenses designed to keep the bad guys out,' and then there's the emerging world view, which is 'let's try to get on the offense and design software applications that have security built in by design.'"
In an interview following the Boston event, Howard discusses:
- The evolution of the application security conversation;
- Takeaways from the Boston crowd;
- The value of these roundtable discussions for attendees and sponsors alike.
A proven executive and entrepreneur with over 20 years' experience developing high-growth software companies, Howard leads Sonatype's corporate marketing, strategic partnering and demand generation initiatives. Prior to Sonatype, he co-founded, developed and successfully sold two software companies. Earlier in his career he led sales and marketing at USinternetworking (acquired by AT&T) and Groove Networks (acquired by Microsoft) where his teams distributed workgroup collaboration products to enterprise customers.