Application Security , Next-Generation Technologies & Secure Development

Managing Open Source Risks

Chris Eng of CA Veracode on Best Practices
Chris Eng, vice president of research, CA Veracode

Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks.

See Also: The Ever-Increasing Pressure to Develop Secure Code

In a video interview at Information Security Media Group's recent Fraud & Breach Prevention Summit: Toronto, Eng discusses:

  • Maintaining libraries of open source components;
  • The tradeoff between security and speed in software development;
  • The need for a "trust but verify" mindset when using third-party code.

Eng is vice president of research at CA Veracode, where he leads the team responsible for integrating security expertise into the company's core product offerings. Previously, he was technical director at Symantec and an engineer at the National Security Agency.


About the Author

Nick Holland

Nick Holland

Former Director, Banking and Payments

Holland focused on the intersection of digital banking, payments and security technologies. He has spoken at a variety of conferences and events, including Mobile World Congress, Money2020, Next Bank and SXSW, and has been quoted by The Wall Street Journal, CNN Money, MSNBC, NPR, Forbes, Fortune, BusinessWeek, Time Magazine, The Economist and the Financial Times.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.