Making Security Invisible by Becoming the Developer's Best Friends

Making Security Invisible by Becoming the Developer's BestĀ Friends

Here is the presentation I delivered in Oct 2011 at OWASP's AppSec Brazil conference:

I think I was able to capture how security tends to be seen by developers, how it is currently a TAX on the SDL and how we need to move Application Security into the 'application visibility' space so that we add value to the entire SDL (and create a positive model where the developers want to engage with us)

After you read the presentation, check out this video which I recorded also in Brazil: "A developer's rant about security professionals" (he was one of the developers that was at the audience which really related to the problem of receiving security guidance from security 'consultants' that don't understand his app).

The demos showed how the O2 Platform ( allowed this world to exist :)



April 07, 2012