https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures


Eric Baize

Dell Technologies Talks Secure Development Life Cycle

  • Written by Edward Gately
  • June 6, 2022

Eric Baize, Dell Technologies‘ vice president of product and application security, was on hand at RSA to talk about the importance of having a secure development life cycle (SDL) process for software security. He’s responsible for ensuring security is built into technology from design to deployment.

Baize also talked the important steps organizations should take to create a software bill of materials and build it into their SDL process.

“Because customers are on the constant catch-up, what we see is that most cybersecurity attacks, whether it be a phishing attack or an intrusion, are most often rooted in either zero day, meaning a software vulnerability or a system which has not been patched, which is the same thing as it’s still a software vulnerability,” he said. “So the whole ecosystem is looking at security as, how can I
patch faster or can I be more effective? But nobody is looking at the root cause of this, which is, why do we have a software vulnerability in the first place.

“Every time you have a team patching a system, you have a team that developed software that created a bug that was a vulnerability. So the SDL is all about, how do we create secure software from the get-go, and how do we design systems, application products, thinking like an attacker, from a requirement, development and testing standpoint? It is about looking at solving the security problem at the root of the problem, not after it’s too late.”

In addition, a software bill of materials helps you understand where the code you have in the product is coming from, Baize said.

“All systems or products today are made of many components,” he said. “The reason it’s important is that if you understand where the components are from, first of all, you can understand what level of security was put in a component. You can make sure you have the latest up-to-date components deployed and you don’t leave open doors into your components. And also, if there’s an issue on the component, the vendor will know which product they have to update and match. So it’s an important practice.”

Baize equates it to being healthy.

“If you want to be healthy, there is not one pill you can take; that’s not the way it works,” he said. “You have to exercise, you have to eat well and you have to do the hygiene, and then you are more likely to be healthy. Now you may die anyway. You may have a vulnerability even if you do the secure SDL. The software bill of materials is one of these practices that makes your software a more secure software.”

The channel and partners have a role to play in software security by educating their customers, Baize said.

“So part of it is explaining, for instance, what security resources are available from a vendor,” he said. “From a Dell standpoint, part of our security life cycle requires that we issue a secure security configuration guide with each product so that customers know how to help harden the product.”

Tags:

Edward Gately

Edward Gately

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Related Content

  • ‘Cloud’ and ‘Cybersecurity’ Will Practically Become Synonymous
    RSA Survey: Ransomware Takes Back Seat to Cloud Security as Biggest Concern
  • Making Waves
    8 Channel People Making Waves This Week at AT&T, VMware, More
  • managed detection and response
    MDR Can Help SMBs Become More Cyber Resilient
  • MSP Summit Hero Size
    It’s All About Leadership — And the MSP Summit Is All About You

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

8 Channel People Making Waves This Week at Splunk, Telarus, More

June 24, 2022

Human Casualties from Cybercrime, More Zero Trust Among Gartner Cybersecurity Predictions

June 24, 2022

Images: D&H Distributing Mid-Atlantic Thread Event Featuring Intel, Lenovo

June 24, 2022

Industry Perspectives

View all

Why MSPs are Attractive Cyberattack Targets

June 24, 2022

IT Partner Programs Must Evolve to Meet Market Demands

June 21, 2022

How Your Organization Can Benefit from the NIST Cybersecurity Framework

June 20, 2022

Webinars

View all

VEP Platform for Delivery of uCPE, SD-WAN and SASE

June 29, 2022

The Digital Worker: How to Empower Customers with a Flexible, Scalable VDI Solution to Enable Remote Work

June 30, 2022

Growing Partner Revenue and Customer Satisfaction with Power Management Services

June 23, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

Channel people making waves this week include: @garylsteele, @fredvoccola, @kbarday, @stephenorban, @gabekker,… twitter.com/i/web/status/1…

June 24, 2022
ChannelFutures

.@Zendesk being acquired by group of global investors, taking the #CRM provider private. dlvr.it/SSnpwZ https://t.co/jaZdeqxoU3

June 24, 2022
ChannelFutures

.@Broadcom is planning @Vmware closing, promises "open mind"-- will draw on lessons of @CAinc and @symantec… twitter.com/i/web/status/1…

June 24, 2022
ChannelFutures

.@Gartner_inc lists 8 #cybersecurity predictions, including more human casualties from #cyberattacks.… twitter.com/i/web/status/1…

June 24, 2022
ChannelFutures

Is your company a prime target for cyberattacks? Here's what MSPs need to know. @BarracudaMSP #cyberattacks… twitter.com/i/web/status/1…

June 24, 2022
ChannelFutures

A huge round of applause 👏 to our 2022 top ten managed service providers from around the world as named on the Chan… twitter.com/i/web/status/1…

June 24, 2022
ChannelFutures

RT @MSP_Summit: Early Bird pass prices for Channel Partners Leadership Summit, MSP Summit, & Women's Leadership Summit end at 11:59 p.m. ES…

June 24, 2022
ChannelFutures

.@dsm_IT is now the third acquisition by @thrivenetworks in Florida in the last six months. dlvr.it/SSmxQn https://t.co/cswaMztP6o

June 24, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X