Veracode’s Chris Wysopal: Agencies Should Equip Developers With Training, Tools to Build Secure Software

Chris Wysopal, co-founder and chief technology officer at Veracode, said government agencies should advance the adoption of software that is secure by design by educating developers and providing them with the tools they need to integrate security into every aspect of software development.

In an article published on Carahsoft.com, Wysopal wrote about agencies’ transition to zero trust and how the approach directs them to “shift from applying security at the end to thinking about security from the beginning and throughout the life cycle of an application, including how it is deployed and updated.”

As agencies implement the DevSecOps approach, he noted that they are incorporating security into the software development process, particularly in the testing phase.

According to Wysopal, integrating application security into the automated testing process enables developers to detect and address vulnerabilities before fielding an application.

“Security that works well is transparent, which means it is running in the background on every build, and it’s inescapable,” he wrote.

“Vulnerabilities should be quickly detected, and the build should automatically stop until a mitigation plan is developed and implemented,” Wysopal added.

The Veracode executive stated that the Cybersecurity and Infrastructure Security Agency and the Office of the National Cyber Director highlight the importance of integrating security into the software development process.

Sponsor

×

Stay ahead in GovCon

Join thousands of government contractors who rely on GovCon Wire for the latest updates in federal spending, bid opportunities, and compliance changes.

Whether you’re new to the space or scaling up, our brief keeps you informed and ready to act.

Email Address *

First Name *

Last Name

Position

Company

Related Articles

SAIC Posts $1.9B in FY2026 Q3 Revenue; Jim Reagan on SilverEdge Acquisition, Strategic Priorities

SAIC reported $1.87 billion in fiscal year 2026 third-quarter revenue, down 5.6 percent from the same period the previous year,…

Army Veteran Chris Hassett Joins Auria’s Public Sector Business as EVP, GM

Auria has named Chris Hassett as the new executive vice president and general manager of its commercial and public sector…

GSA Launches OASIS+ Contract Program’s Phase II

The General Services Administration has launched the second phase of the One Acquisition Solution for Integrated Services Plus, or OASIS+,…

KBR Secures $117M NAVAIR Contract for F/A-18 FMS Support

KBR has received a $117 million follow-on contract to continue supporting the U.S. Naval Air Systems Command’s F/A-18 and EA-18G…

US Approves Canada’s $2.7B Air Strike Weapons FMS

The Department of State has cleared the government of Canada’s request to purchase air strike weapons and related equipment for…

CSA Names Ellen Barletto as Chief Growth Officer

Client Solution Architects has appointed Ellen Barletto as chief growth officer, expanding her leadership responsibilities after nearly two decades with…

FTC Requires Divestitures to Clear Boeing’s Spirit Acquisition

The Federal Trade Commission has proposed that Boeing divest Spirit AeroSystems assets to resolve antitrust concerns over the companies’ planned…

Northrop Grumman Secures $200M Army Contract for XM1211 High Explosive Proximity Rounds

Northrop Grumman has secured a contract valued at more than $200 million from the U.S. Army for the procurement of XM1211…

Axonius Federal’s Brian Meyer on Cybersecurity Asset Management

Brian Meyer, federal field chief technology officer at Axonius Federal, said cybersecurity asset management could help government agencies make dozens…

Red River Expands Cyber Capabilities Through Invictus Acquisition

“Technology transformation company Red River has acquired Invictus International Consulting to expand its cybersecurity and enterprise modernization capabilities to support…

War Department Details Drone Dominance Program in New RFI

The Department of War has issued a request for information to gather industry feedback on its plan to produce small…

Synergy ECP Expands Defense & Intelligence Capabilities With NetServices Acquisition

Synergy ECP, a software engineering, cybersecurity and systems engineering services provider, has acquired NetServices, a company offering secure, mission-focused technology services. The…

You’ve already read all related articles.

Executive Interviews