CA Veracode CTO Chris Wysopal says organizations are increasingly incorporating open source code elements into their development to accommodate agile development methodologies and swift go-to-market requirements. Not many organizations are addressing the security concerns that follow this decision, he says. As CTO at CAVeracode, he oversees technology strategy and information security. In a video interview at RSA Conference 2018, he discusses the need for incentivizing developers to write secure code. He also discusses the lack of security ownership with open source modules and components.”]
Source: https://www.cuinfosecurity.com/mitigating-open-source-security-vulnerabilities-a-10818