DZone – Tom Smith – 3/21/18
[DZone interviewed Chris Wysopal, Co-Founder and CTO, Veracode, on effective security techniques]
Continuous Threat Management
• Adaptive defense, predictive defense, prevention technology to be ready for timely incident response. We call this continuous threat management. Visibility into how the hacker got in, how they moved, and attack replay so you can build a predictive defense. Even then hackers will get through. How can we use automation and information sharing to prevent future attacks? Engagement-based solutions do not miss what the attacker is doing.
• The most effective product we use is an open source product that reverse-engineers and unpacks firmware images so you can see the vulnerabilities. Some commercial tools that audit source code give a false sense of security because nothing is being checked after compilation.
• There are techniques for sanitizing malicious inputs. Use known libraries to create a secure environment. Use tools that provide virtual patching while the developer is fixing the problem. The least effective technique is blacklisting since there are too many hacks to list and keep track of.