Mitigating Risks From Open Source and Third-Party CodeCA Veracode's Chris Eng on New Strategies to Bolster Application Security
Organizations are developing new apps at the speed of business. But through the use of vulnerable code, they also are creating new risks just as fast. Chris Eng of CA Veracode offers new strategies and solutions to mitigate open source and third-party risks.
In a video interview at Information Security Media Group's recent New York City Fraud Summit, Eng discusses:
- High-profile examples of fraud risks introduced by faulty code;
- How component inventories and developer education can reduce risks;
- The merits of software composition analysis technologies.
Eng is vice president of research at CA Veracode, where he leads the team responsible for integrating security expertise into the company's core product offerings. Previously, he was technical director at Symantec and an engineer at the National Security Agency. He is a frequent speaker at industry conferences and has been featured in media outlets such as Bloomberg, Fox Business and CBS.