Chris Wysopal
Chris Wysopal, co-founder and CTO of Veracode, is recognized as an expert and a well-known speaker in the information security field. He has given keynotes at computer security events and has testified on Capitol Hill on the subjects of government computer security and how vulnerabilities are discovered in software. His opinions on Internet security are highly sought after and most major print and media outlets have featured stories on Mr. Wysopal and his work. At Veracode, Mr. Wysopal is responsible for the security analysis capabilities of Veracode technology.
Stay up to date on Application Security
- | By Chris Wysopal
Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A…
Read Article
- | By Chris Wysopal
The Veracode Application Security Platform integrates seamlessly with the development, security and risk-tracking tools you already use. And, our flexible API allows you to create your own custom integrations or use community integrations, built by the open source community and other technology…
Read Article - | By Chris Wysopal
Can one approach to application security solve all your problems? Of course this is a silly question as anyone who is tasked with reducing the risk of their application layer knows. The only people who ask this question are vendors … who of course have a vested interest in drumming up business for…
Read Article - | By Chris Wysopal
1. Coverage, both within applications you build and within your entire application portfolio One of the primary benefits of binary static analysis is that it allows you to inspect all the code in your application. Mobile apps…
Read Article - | By Chris Wysopal
Last Wednesday I was honored to be able to present a talk on Binary Static Analysis to an Intro to Security class at Tufts University. The instructor, Ming Chow, approached me to speak to his class as he likes to bring in security practioners who are delivering security to their customers. There…
Read Article - | By Chris Wysopal
Last week I described the concept of application security debt and application interest rates. I promised that I would follow-up with a financial model that could translate these concepts in to real money. Recap Here’s a quick recap of the initial concept. Security debt is similar to technical debt…
Read Article