‘We Don’t Teach Developers How To Write Secure Software’ – Linux Foundation’s David A Wheeler on Reversing the CVE Surge
Addressing a decades-old deficiency in coding curriculums could have a profound effect on the security of the software supply chain, a leading expert on the subject tells The Daily Swig.
In particular, David A Wheeler, director of open source supply chain security at the Linux Foundation, draws a link between a failure to incorporate security into entry-level developer courses and the vast majority of vulnerabilities belonging to a small number of common bug classes.
The IT PhD and Certified Information Systems Security Professional (CISSP) also moonlights as adjunct professor of computer science at Virginia’s George Mason University, and in 2020 concluded a 33-year spell at the US Institute for Defense Analyses.