Penetration testing, ethical hacking and writing secure code are not new concepts; they’ve been around for decades. Despite this, the rate at which code vulnerabilities are reported continues to increase. Enterprise Times asked Rene Bader, Manager for Critical Business Applications & Big Data, NTT Ltd, why this was.
Bader believes that one of the problems is that software is getting increasingly complex. This, in turn, makes effective testing more complex. Bader sees the arrival of DevSecOps as a significant step towards resolving this. It enables companies to spot bugs earlier in the development cycle, which makes remediation faster and easier and results in a massive cost reduction per issue.
There is also a need for the business and IT to work more closely together on this. The introduction of low code and no code environments is moving some software development out of IT. This means that there has to be a wider understanding of testing and test processes.
Bader also says that companies building their own apps must balance perfect software with business need. This is all about risk assessment. Is it OK to have a piece of software with some cosmetic bugs and just one or two functional issues? Can the business survive with more functional issues if the remediation process is fast enough and the bugs do not expose personal data?
To hear more of what Bader had to say, listen to the podcast.
Where can I get it?
obtain it for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there