Starting a security program is hard enough. Going from pilot programs and basic secure development lifecycles to a more comprehensive program can cause rifts between development and security teams, slow down productivity, and lead to growing security debt. John Steven, chief technology officer for vulnerability-orchestration platform ZeroNorth, said it takes a “cultural transformation—If you have a team that is doing monolithic development for a decade, they are not going to evolve.” Read more

Share This