Presented at
Diana Initiative 2022,
Aug. 11, 2022, 8:30 a.m.
(60 minutes)
Secure Application Development is more than just the software itself; it's about knowing who is creating the software. One of the most important relationships we'll have as a security professional, is the one we have with teams across the business - we can't build a secure organization on our own! We'll cover some common problems that arise from insecure relationships, including teams not being aware of your existence or processes, requests for help arriving too late or being lost in the noise, and only finding out about new features or products after they've gone live. This talk aims to give you practical examples and actions to help you take the initiative, to facilitate better conversations with teams, and cultivate stronger partnerships that encourages teams to reach out for help earlier and more often.
Presenters:
-
Yianna Paris
- SEEK
Currently a Security Engineer, with a focus on Application and Offensive Security. I built things as a Software Engineer, studied Computer Science, worked as a UX Designer, co-found a software dev business, and taught higher education subjects. Still enjoy making things, but I now also break them. When I'm not coding tools, I like talking to people about improving security processes in app teams, tackling complex problems, and introducing software development practices into the security team. I love going detailed and technical, diving deep into problems when I'm doing vulnerability research, threat assessments, breaking video games and woodworking. I'm determined to uplift and introduce people with diverse experiences and perspectives into this field, by making secure software development an even more enjoyable experience.
Links:
Similar Presentations: