Down The Security Rabbithole
DtR Episode 74 - Supply Chain [In]Security
- Author: Various
- Narrator: Various
- Publisher: Podcast
- Duration: 0:48:18
Information:
Synopsis
In this episode
- Chris Wysopal - who is that masked man?
- Putting some reality to the state-sponsored backdoors (Huawei) and supply-chain compromise
- The risks coming through the door with the products you buy
- The case for setting up an independent testing lab for mitigating 'backdoor' accusations
- Chris does an interesting assessment on software security practices in the enterprise
- Chris discusses holding your vendor to the same standards you hold yourself
- What does it mean that enterprises are doing a "good job" in SwSec
- Chris goes there, open-source components as part of supply chain risk
- James asks "How do smaller buyers leverage scale to hold their suppliers accountable?"
- Why do we still see SQL Injection?! Are we ever going to get rid of it?
Guest
- Chris Wysopal (@Weldpond) - Chris is the Founder, CTO and CISO of VeraCode, a company dedicated to software security as-a-service. Chris has a long and storied history in the security industry dating back to L0pht Heavy Industries. His bio and profile can be