We Lack Building Codes for Building Software Code [VIDEO]

Tale of Two Quakes - Josh Corman

In his presentation at AppSecEU 2015, Josh Corman brought up the analogy of building codes, the laws and regulations that mandate how buildings are built. Their presence or absence is the reason earthquakes in some regions of the world are so devastating, while even stronger ones in other areas cause minimal damage.

Josh’s question is a simple one: Why do we lack building codes for building software code? What laws and regulations are in place that mandate secure, quality software that won’t “collapse” when under attack?

You can view Josh’s entire presentation, Continuous Acceleration: Why Continuous Everything Requires A Supply Chain Approach, on YouTube thanks to the good folks at AppSecEU.




Joshua Corman

In his capacity as CTO, Josh researches new technologies and software development trends to help evolve Sonatype’s product strategy. Additionally, Josh is working with the broader IT community as well as policy and standards bodies to improve software development security standards and best practices. Prior to Sonatype, Josh served as a security researcher and executive at Akamai Technologies, The 451 Group, and IBM Internet Security Systems, among other firms. A well-regarded innovator, he co-founded Rugged Software and IamTheCavalry to encourage the development of new cyber security solutions in response to the world’s increasing reliance on digital infrastructure. Josh's unique approach to addressing cyber security in the context of human factors and social impact has helped position him as one of the most trusted names in IT security. He also serves as adjunct faculty for Carnegie Mellon’s Heinz College, IANS Research, and as a Fellow at the Ponemon Institute.
