Agile Security: The Good, The Bad, and mostly the Ugly

Presented at DeepSec 2015 „DeepSec No. 9“, Nov. 20, 2015, 5:40 p.m. (50 minutes)

Buzzwords about Agile are flying around at overwhelming speed. Scrum, Kanban, XP and other methodologies and practices are thoroughly discussed, while security is still left as a 'high level' talk or, sometimes, as a matter of understanding how to adapt from traditional development methodologies. Some best practices will leave you scratching your head, unsure what the original intention was and without understanding how to implement security in Agile effectively. This talk will help security engineers, developers and product owners understand both technical and operational security in Agile. Removing bottlenecks in security processes, eliminating security risks hidden inside Agile methods, increasing the visibility of security tasks, and performing the traditional security duties at a faster, more efficient pace: all of this will be covered in the talk, preventing possible failures and unexpected faults in your SDLC.

Presenters:

  • Daniel Liber - CyberArk
    Daniel Liber is the R&D security leader at CyberArk, a leading company in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Previously he worked as an application security consultant for Comsec Consulting, working with customers from industries such as banking, finance, telecom and governmental offices. Daniel also served as a principal security team leader at Bank Leumi (Israel), focusing on building secure mobile and web applications. Aside from lecturing at OWASP conferences and providing security training sessions on various topics, Daniel is enthusiastic about security communities, exchanging ideas for research and promoting security, step by step.
