Veracode CEO Bob Brennan on the Future of Software Security
(Page 4 of 4)
transition as a company. We’re mindful of the fact that this is about how fast you grow, and there’s an opportunity to dominate application security as a service that’s a large, expanding market. I don’t have to tell you that the difference between first and second place is huge.
X: So ultimately, what’s the big picture here? How will Veracode change the world?
BB: We believe that by pushing very hard, we can produce a tipping point. So—if we have the major financial services companies, the major logistics providers, the major healthcare companies, going out with near-simultaneity to their vendors saying, “You’ve got to do this”—that those software vendors will see the usefulness in doing it. And then they quickly see the benefits of having done it because they have more saleable software, and we become a standard like United Laboratories, like Carfax.
That’s really big stuff. That’s making everybody better, more responsible. There’s a way to provide a secure application infrastructure where you’re expecting more from your vendors—it’s truly a “no regrets” move. We’re very excited about our ability to do this for internal applications, Web applications, and now for mobile applications.
X: What’s the biggest trend to watch?
BB: It’s going to be an increasingly mobile world. This issue of control will become one of anybody using any device, at any time, from anywhere. And where nobody would provision an application without understanding its security profile. The application counts inside these large corporations don’t shrink, they expand. I think it becomes as accepted a practice as QA [quality assurance] is today.
X: What books on leadership and psychology are you reading these days?
BB [pulls out his tablet]: The book I’ve appreciated a lot over the last few months is The Advantage by Patrick Lencioni, on organizational health. I’ve been doing a lot on Presentation Zen. Also You Are Not So Smart [by David McRaney] about biases. And Confessions of an Economic Hit Man [by John Perkins].
Also The Checklist Manifesto [by Atul Gawande]. Jack Dorsey hands this out to everybody at Square and Twitter. It makes the case for where you need different checklists in your business as it becomes more complicated. As you develop a Veracode way, just because I can do some “Presentation Zen” and take a complex idea and present it more simply, doesn’t make the business more simple.