The Denim Group is well known for their work in application-level security. In this conversation, I speak with Dan Cornell, Principal at Denim Group, about a methodology for managing vulnerabilities through the development lifecycle.
Listen to the Interview: Dan Cornell – Manage Vulnerabilities in the Development Lifecycle
Highlights in this Talk
- 01:44 Methodology for managing the development cycle
- 03:29 The dilemma of remediating vulnerabilities in existing code
- 06:27 Money drives the decision to fix or not to fix vulnerabilities
- 09:10 Who decides what to fix
- 12:35 Trends to watch for in the coming year
About Dan Cornell
Dan Cornell has over twelve years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization’s technology team, overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.