February 26, 2020

227 words 2 mins read

Prioritizing trust while creating applications

Prioritizing trust while creating applications

Time and money are generally the resources we focus on when building applications. Yet we cant buy trust; it builds slowly and can be broken quickly when we dont factor it in to our development process. Jennifer Davis examines how to leverage security practices to enable an all-team approach to security.

Talk Title Prioritizing trust while creating applications
Speakers Jennifer Davis (Microsoft)
Conference O’Reilly Velocity Conference
Conf Tag Build systems that drive business
Location Berlin, Germany
Date November 5-7, 2019
URL Talk Page
Slides Talk Slides
Video

Managing risk needs to scale as your product grows in popularity and complexity. In traditional software development, security was often treated as a last gating factor at best and post-incident concern at worst. You need to shift your security processes left—in other words, earlier in the development lifecycle. The cost of applying security practices too late can be catastrophic to a company, leading to the loss of customer trust and affecting the bottom line. Join Jennifer Davis to gain an overview of security tools and practices to adopt, including the CIA triad and why security matters, motivations of attackers, core foundation practices, defense in depth, threat modeling, making choices in your architecture based on operational concern, testing code, coding standards, securing code reviews, handling incidents, and advanced practices such as bug bounty problems, capture the flag, and red team exercises.

comments powered by Disqus