Application Security , Application Security Testing , Next-Generation Technologies, Secure Development

Mitigating Risks From Open Source and Third-Party Code

CA Veracode's Chris Eng on New Strategies to Bolster Application Security
Chris Eng, vice president of research, CA Veracode

Organizations are developing new apps at the speed of business. But through the use of vulnerable code, they also are creating new risks just as fast. Chris Eng of CA Veracode offers new strategies and solutions to mitigate open source and third-party risks.

See Also: Live Webinar | Benchmarking Your Organization's Security Performance with Security Ratings

In a video interview at Information Security Media Group's recent New York City Fraud Summit, Eng discusses:

  • High-profile examples of fraud risks introduced by faulty code;
  • How component inventories and developer education can reduce risks;
  • The merits of software composition analysis technologies.

Eng is vice president of research at CA Veracode, where he leads the team responsible for integrating security expertise into the company's core product offerings. Previously, he was technical director at Symantec and an engineer at the National Security Agency. He is a frequent speaker at industry conferences and has been featured in media outlets such as Bloomberg, Fox Business and CBS.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network