| description |
Software development is speeding up; Waterfall to Agile to Continuous Integration to Continuous Deployment. Do we still have time for security? Of course we do! But many development shops are unaware how to add security to their development process and will often use "security slows us down" as a reason to produce insecure code. This talk focuses on how to add security into a speedy development process while still remaining fast and responsive to customer requests.
The speaker will be Joe Basirico - the VP of Services for Security Innovation. Before he started leading the team, he was a developer, trainer, researcher, and security engineer. Joespent the majority of his professional career analyzing software security behavior and researching how software development organizations mature over time from a security perspective. Through this research, he developed an understanding of application threats, tools, and methodologies that assist in the discovery and removal of security problems both software- and process-related. He manages the company’s engineering blog and has written several publications and tools that focus on source code level vulnerabilities. |
→ |
Software development is speeding up; Waterfall to Agile to Continuous Integration to Continuous Deployment. Do we still have time for security? Of course we do! But many development shops are unaware how to add security to their development process and will often use "security slows us down" as a reason to produce insecure code. This talk focuses on how to add security into a speedy development process while still remaining fast and responsive to customer requests.
The speaker will be Joe Basirico - the VP of Services for Security Innovation. Before he started leading the team, he was a developer, trainer, researcher, and security engineer. Joe spent the majority of his professional career analyzing software security behavior and researching how software development organizations mature over time from a security perspective. Through this research, he developed an understanding of application threats, tools, and methodologies that assist in the discovery and removal of security problems both software- and process-related. He manages the company’s engineering blog and has written several publications and tools that focus on source code level vulnerabilities. |