RSA 2010: We’re vulnerable to code that wasn’t financed by blue chip companies

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco.

Tom Ptacek (@tqbf) is a Principal at the vulnerability research firm Matasano. While his organization has been analyzing software vulnerabilities for years, Ptacek’s current charge is to study the hundreds of lines of insecure code still running on servers in critical systems such as financial institutions and the power grid. The code in question is software built by small third parties, not blue chip companies like Microsoft and Adobe who have the money and expertise to secure their code. What he’d like to do is make it all secure.

Ptacek and I talked about his passionate and tantamount task of trying to secure all this critical and yet-to-be-secured code. For more on Ptacek, read his blog.

Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.

Tagged as: code, IT Security, IT Security and Data Protection, microsoft, RSA, RSA 2010, RSAC, vulnerabilities

This post was written by…

David Spark has contributed 73 posts to The State of Security.

Twitter @dspark

Contact David Spark

David Spark is a veteran tech journalist and founder of Spark Media Solutions, a media consulting and production company. Acting as the "media" of "social media," Spark Media Solutions helps its clients be seen as leading voices in their field through brand-quality media production and distribution through top tier media channels.