‘We Don’t Teach Developers How To Write Secure Software’ – Linux Foundation’s David A Wheeler on Reversing the CVE Surge
1 min read
Dec 14, 2022
Addressing a decades-old deficiency in coding curriculums could have a profound effect on the security of the software supply chain, a leading expert on the subject tells The Daily Swig.
In particular, David A Wheeler, director of open source supply chain security at the Linux Foundation, draws a link between a failure to incorporate security into entry-level developer courses and the vast majority of vulnerabilities belonging to a small number of common bug classes.
The IT PhD and Certified Information Systems Security Professional (CISSP) also moonlights as adjunct professor of computer science at Virginia’s George Mason University, and in 2020 concluded a 33-year spell at the US Institute for Defense Analyses.
Related Articles
1 - 0 min read
Hacked VMs Reveal New Attack Risks
1 - 0 min read
Open Source is Not Insecure, Despite Common Misconceptions
1 - 0 min read
Linux Kernel 'Make-Me-Root' Flaw Threatens Popular Distros
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
