Interview with Vince Arneja, Chief Product Officer of CodeSecure (formerly the products division of GrammaTech)
Software product security has undergone a sea of change since the 2020 SolarWinds breach laid bare vulnerabilities in the software supply chain—and in early 2021 when active Log4J exploits revealed the widespread damages that can spread through popular open source libraries.
In response, the U.S. President released an executive order in May of 2021 to secure cyberspace, which includes securing the software supply chain and institutionalizing Software Bills of Materials for all third-party code—including open source. Most recently, the Whitehouse National Cybersecurity Strategy (released in March 2023) calls for product vendors to be held liable for cyber incidents that impact the safety of the nation’s critical infrastructure, which is heavily reliant on embedded systems.
How do these trends impact DevSecOps practices today and in the future? To answer that, Deb interviews Vince Arneja, Chief Product Officer at CodeSecure, which recently spun out of GrammaTech under Battery Ventures. While the pace of change may seem overwhelming, at stake are the safety of embedded software products and their consumers who will demand visibility into every piece of code – source, byte, binary – and at every level.
Join us as Vince talks about how these trends are giving rise to the role of CPSO (Chief Product Security Officer), and how CodeSecure, with the support of Battery Ventures, plans to address these and other trends to better serve the product development and end-consumer communities.
