Ep.3, S2: Unresolved flaws: security debt grows deeper - podcast episode cover

Ep.3, S2: Unresolved flaws: security debt grows deeper

A Hard Look at Software Security
Jan 23, 202011 minSeason 2Ep. 3
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

The average number of days to fix software flaws was at 59 days in the first Veracode State of Software report from ten years ago. Today, it’s jumped to 171 days in the latest 2019 report.

While typical median fix times haven't gotten worse in 10 years – they have remained about the same - security debt is getting much deeper.

In this episode of a Hard Look at Software Security, Chris Eng, Vice President of Research with Veracode, will discuss relevance of the findings on median time to remediate flaws - and where organizations may stand when it comes to their own security debt.

Listeners will learn about:

  • Why security debt is getting much deeper
  • If fixes are based on flaw severity or exploitablilty
  • Why the source of an application affects fix speed of remediation


Produced by IDG Communications, Inc., in association with Veracode.

For the best experience, listen in Metacast app for iOS or Android