Lou Shipley, OpenSource, security

Companies that use open source code don’t really understand their exposure to open source security vulnerabilities, our area of focus and expertise.

An interview with Lou Shipley, CEO,  Black Duck Software, @LouShipley @black_duck_sw

We asked.  Lou answered.

What is the next step that you recommend the local community takes
to ensure that Boston becomes the next security Mecca?
Promoting entrepreneurship
in security technology and leveraging the expertise of companies in the space
to nurture and encourage the entrepreneurs is always a good way to create some
energy behind this sort of effort–and a way to attract capital.
Additionally, investing in
primary education and expert instruction in related disciplines is essential.
Technology and computer science, are important of course, but so are
contemporary classes in sales and capital formation–as early on as junior high
school. This will pay dividends for many years to come.
Why is
stepping up security, immediately, particularly important to your
The explosion in the use
of open source software has created significant security challenges. Because
open source software makes its way into code bases in a variety of ways, it is
difficult for companies to maintain the necessary visibility into, and control
of, the code they are using. This lack of visibility and control has led to
high-profile breaches such as HeartBleed and Shellshock.
What is the
key obstacle companies like yours face in bringing security up to where it
needs to be?
Companies do not really
understand their exposure, or believe they have the situation in hand–even
though they are using testing tools that are not effective in finding open
source vulnerabilities. It is important that we help companies understand their
potential exposure to open source vulnerabilities and educate them about
automated solutions that address that exposure.
Hear more of what Lou has to say at The Business of Security:  Impacting Your Company’s Resiliency, Reputation and Revenue on September 30. Learn more and register: http://bit.ly/SecurityBiz

Upcoming Events


Related Articles