Chris Eng is vice president of research at CA Veracode, where he leads the team responsible for integrating security expertise into the company’s core product offerings. Eng talks about the tradeoff between security and speed in software development. He also discusses the need for a “trust but verify” mindset when using third-party code. In a video interview at the Information Security Media Group’s recent Fraud & Breach Prevention Summit: Toronto, Eng discusses:Maintaining libraries of open source components;.”]
Source: https://www.cuinfosecurity.com/managing-open-source-risks-a-11523