Chris Wysopal: Open source is becoming a national security risk

In early December 2021, enterprise security teams around the world went on high alert because of a string of vulnerabilities in an open-source Java component, Log4j, that is used in millions of applications. The incident prompted warnings from CISA and other national CERTs and led to renewed discussion about security and the open-source software ecosystem, and about how developers consume and track their use of open-source components.

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.

A security industry veteran, with more than 20 years of experience in application security and vulnerability research, Wysopal has testified to the US Congress on the subjects of government security and how vulnerabilities are discovered in software.
