Security debt – which is defined as aging and accumulating flaws in software -- is a lot like credit card debt. You can throw money at the balance, but if you don’t stop spending, you’re never going to actually get out of debt.
In this episode of A Hard Look at Software Security, Chris Wysopal, Chief Technology Officer with Veracode, will join us to continue our conversation on software scanning with focus on the accumulating security debt in applications caused by persistent flaws in long-term time frames.
Listeners will learn more about:
- Why there is less security debt in organizations that scan their code more than 300 times per year
- How to know if security debt is meaningful
- Best practices for incorporating scanning into the process