I’ll be at HP Protect Conference 2014 all next week and needed a travel companion, so I built one. It can take out the garbage, pick me up a bottle of water and say my name really nicely. Who are you bringing?
Moving software security into the development life cycle has gained greater visibility in the developer community within the past year. To confirm that assessment, we have created a survey, Developers and Application Security – Who is Responsible?, to help the software security industry evaluate the following:
- How effective and comprehensive are the application security approaches being applied today?
- As development cycles continue to decrease, why isn’t security keeping pace?
- Where is the resistance to adopting security within the development cycle?
The survey that takes less than 7 minutes to complete. We would very much appreciate your participation so that we can get an industry wide view of the perception of the responsibilities of developers when it comes to application security.
In appreciation of your participation in the survey, you will receive a copy of the analysis of the final results. Thank you in advance for your support.
“Security is a core requirement of software development. No mature development organization today believes security can be layered on after the fact.” — Jacob West
I was able to catch up with Jacob West, CTO, Enterprise Security Products, HP, after one of his global jaunts last month. Jacob tells us about some very interesting security projects for HP, as well as his perspective on the current state of DevOps in the enterprise.
“There is no good way to differentiate a (software) user from an attacker. If that’s the case, software has to have security built in as a core requirement.” — Jacob West
Listen to the Interview: Jacob West – Automation and Application Security as Part of Development
You might know Brian Chess as the Founder / Chief Scientist of Fortify Software. He is now working with NetSuite as the VP of Infrastructure and Security Engineering. I was able to catch up with Brian last week for a broad discussion, ranging from government monitoring of big data sources to the role of DevOps in the new enterprise application environment. With all the front page news on the NSA leaks, IRS targeting and other forms of government monitoring, we had plenty of fodder to choose from.
Listen to the Interview: Brian Chess – Software Security, Government Monitoring and the Role of DevOps