Live Q&A - Optimizing the Developer DevSecOps Experience for Embedded Systems

Login

About Mark Hermeling

Mark Hermeling, MSc Mark has 25 years of experience in software development tooling, operating systems, virtualization and networking technology in safe and secure, embedded and real-time systems. He has worked on projects building automotive, networking, aerospace and defense and industrial devices in North America, Europe and Asia. As VP of Global Solutions Engineering at CodeSecure (formerly GrammaTech), Mark manages a team that covers the last mile in assisting CodeSecure customers to improve their safety and security posture, ranging from topics around software develop lifecycle to third party vulnerability and risk management and software bill of materials. Prior to joining CodeSecure, Mark worked for Wind River Systems (an Intel Corporation subsidiary), Zeligsoft and IBM Rational. He holds a Master of Science degree in Computing Science from Eindhoven University of Technology.

About CodeSecure

At CodeSecure, we’re on a mission to protect everyone – everywhere there’s code. We provide innovative products that effectively and efficiently find critical software vulnerabilities protecting them from hackers. Because when code is protected, nation’s defenses and our customer’s products are more secure.

Home > On-Demand Archives > Q&A Sessions >

Live Q&A - Optimizing the Developer DevSecOps Experience for Embedded Systems

Mark Hermeling - CodeSecure - Watch Now - EOC 2025 - Duration: 31:41

Live Q&A - Optimizing the Developer DevSecOps Experience for Embedded Systems

Mark Hermeling

Get Your Pass Today!

Abstract Questions & Comments (5)

Live Q&A with Mark Hermeling for the theatre talk titled Optimizing the Developer DevSecOps Experience for Embedded Systems

M↓ MARKDOWN HELP

italics	surround text with asterisks
bold	surround text with two asterisks
hyperlink	[hyperlink](https://example.com) or just a bare URL
code	surround text with `backticks`
~~strikethrough~~	surround text with ~~two tilde characters~~
quote	prefix with >

Upvotes Newest Oldest

glennk

Score: 0 | 9 months ago | no reply

Excellent session, critically important today more than ever.

SimonSmith

Score: 1 | 9 months ago | no reply

Thanks Mark, great presentation and discussion. I can relate to much of it. I was mandated to use Parasoft and Checkmarx, which I found awkward to use, especially when ran infrequently and you forget how. As they were ran occasionally towards the end of the project, they produced mountains of haystacks. So I get the idea of being able to filter out what’s new or relevant on a branch, and just staying on top of it daily. I find there’s often a lot of marketing hype and training needed for SAST tools, all I want to do is download it and try it locally for 10 mins. It seems to point to qualified code generation from a model (or using it for the code generator), to minimise coding errors in the first place.

datamstr

Score: 1 | 9 months ago | no reply

Excellent presentation!

Mark HermelingSpeaker

Score: 0 | 9 months ago | no reply

Thanks @dcblack, I will certainly keep this in mind/

Here are the links as well:
https://gitlab.com/codesonar/examples
Open source projects with GitLab pipelines
https://codesecure.com/trial-request/
Request access to the CodeSonar results
Provide your GitLab id and you will be able to work on MRs
https://www.youtube.com/@CodeSecure_
Detailed videos

dcblack

Score: 1 | 9 months ago | no reply

You should refer to the PDF provided and the links in the PDF should be clickable (not just copy/paste). Perhaps a simple QRcode to a page with all the links in one place.

Login

About Mark Hermeling

About CodeSecure

Live Q&A - Optimizing the Developer DevSecOps Experience for Embedded Systems

OUR SPONSORS & PARTNERS