Building an Application Security Program from Scratch

Presented at Kernelcon 2019, April 6, 2019, 2 p.m. (50 minutes)

Have you spent lots of money on firewalls. network security, intrusion detection, and exfiltration prevention? What about the glaring hole left even after all that expenditure: Applications. Join me as I take you through a journey from no application security program at all, to five years later. We'll explore what my team did right, and our failures. I'll provide you with pointers to application security resources, and a possible approach to get started. If your company hasn't headed off on the application security journey yet, maybe you can avoid some of our mis-steps.


Presenters:

  • Douglas Swartz
    Doug is a software developer. He fell into application security a while ago when helping to design two factor authentication for a 2400 baud dial-up application. After that, security became an avocation. Now it is his vocation. Doug has a life outside of technology.

Links:

Similar Presentations: