Security must be treated as business enabler, says Siman, CTO and founder of the firm. But to get there requires a change in mindset.
"[Developers] don't have any effective tool that allows them to measure the security level of their product," Siman says. "We've tried to introduce the security development lifecycle to allow developers to know exactly what they should be doing now to improve the security level of their product."
In an interview recorded at Infosecurity Europe 2014 Siman discusses:
- Why security often is not built into the code;
- Business benefits of changing that paradigm;
- The evolution of Checkmarx solutions.
Siman is the CTO and founder of Checkmarx. Siman has more than a decade of experience in software development, IT security and source-code analysis. Prior to founding Checkmarx, he worked for two years at the Israeli Prime Minister's Office as a senior IT security expert and project manager. Prior to that, he spent six years with the Israel Defense Forces (IDF), where he established and led a development team in the IDF's Information Security Center. He regularly speaks at IT security conferences and is CISSP certified since 2003.