Security is an increasingly important aspect of software development, especially for services that process and store sensitive data.
In rapidly growing and dynamic organizations, infrastructure teams need to balance building features to support product growth and business goals while maintaining a secure platform. At Stripe we believe that security is a collective responsibility, and it’s especially important to closely collaborate with security teams to continually improve the quality of decisions and changes that affect sensitive systems.
In this talk, we’ll discuss strategies for building a culture of security so infrastructure and security teams can each play to their strengths while maintaining high development velocity. We’ll walk through some examples of both how we typically run security-sensitive projects at Stripe as well as processes that help to extend security awareness (and interest!) through the rest of your organization.