Securing Modern Software

The newfound popularity of the internet in the nineties spurned an obsession with hacking. Unfortunately, most movies believed that it wasn't possible to show real hacking and still be entertaining; hence all the awkward video game graphics and characters living in sketchy basements regularly yelling out, "We're in!" while pounding on their keyboards. I'd also like to address their outfit choices but now is not the appropriate time. The point is, hackers have been portrayed as the same character repeatedly when in reality, there are many possibilities to turn these skills into a legitimate career.     In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Co-Founder and Chief Technology Officer at Veracode Chris Wysopal. In the ’90s, Chris was one of the first vulnerability researchers at The L0pht, a hacker think tank, where he publicized his findings on the dangers of insecure software. Chris shares guidance for anyone getting started with modern secure software development, the best tools to monitor for vulnerabilities in open-source code, and shares what he believes is one of the greatest threats to software development.     In This Episode You Will Learn:     How to use open-source code safely  Best tools for monitoring vulnerabilities  How to detect and respond to threats to insecure software    Some Questions We Ask:     What is modern secure software development?   What are the biggest threats to software today?   How should companies allocate ownership of secure code across the software development lifecycle?    Resources:    View Chris Wysopal on LinkedIn  View Nic on LinkedIn   View Natalia on LinkedIn   Related:     Listen to: Afternoon Cyber Tea with Ann Johnson   Listen to: Security Unlocked: CISO Series with Bret Arsenault   Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.