GDPR AND SDLC: SOFTWARE SECURITY LESSONS LEARNT FROM EQUIFAX
Software security is a major challenge for organisations developing applications under GDPR: here's how known vulnerabilities could affect your business and what you can do to stay compliant.
If your business sells software to the European Union, you need to follow GDPR.
But with 80 – 90% of all modern applications being built using open source software components, it can be tough to make sure your business is covered.
Every development team uses them to accelerate production and deliver new innovations, and every software application you use, at work or at home, is made up of them.
That’s why it’s important to understand that these free, packaged bits of reusable code may contain known software vulnerabilities that, ultimately, put you in breach of GDPR rules…
…and cost a cool €20 million fine if your company is found to have helped hackers steal sensitive consumer data.
That’s set to be a major challenge for organisations developing software under the GDPR.
Don’t get me wrong, just because open source software components have vulnerabilities, doesn’t mean you should completely abandon using them.
But you do need a powerful way to protect your company from potential harm when you do, and to make sure that your data is secure so that it cannot be breached.
GDPR and SDLC: Lessons Learnt From Equifax
This episode is brought to you by:
Sonatype Nexus – our partners in automating and securing the flow of open source components across your DevOps pipeline. Check out Sonatype Nexus.
Check out these highlights:
- How Sonatype helps with GDPR Articles 5, 22 and 25.
- The Equifax Struts vulnerability.
- How Sonatype helps with threat assessment, security testing, environment handling, and policy and compliance.