Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Prioritizing Trust while Creating Applications

Prioritizing Trust while Creating Applications

Managing risk needs to scale as your product grows in popularity and complexity. In traditional software development, often security was treated as a last gating factor at best and post-incident concern at worst. How do we shift our security processes left - in other words, earlier in the development lifecycle? The cost of applying security practices too late can be catastrophic to a company, leading to the loss of customer trust and affecting the bottom line.

In this session learn how to leverage security tools and recommended practices to enable everyone to play a part in securing your application from discovery to operation of your application.

Jennifer Davis

September 26, 2019
Tweet

More Decks by Jennifer Davis

Other Decks in Technology

Transcript

  1. Snyk State of Open Source Security Report 2019 78%vulnerabilitiesinindirectdependencies 37%ofopensourcedevelopersnosecurity

    testinginCI 54%dockerimagenosecuritytesting Top10dockerimagescontain>30vulnerable systemlibraries Source:https://snyk.io/opensourcesecurity- 2019/ 16/40
  2. Red Team Exercise  Fundamentally,ifsomebody wantstogetin,they’regetting in acceptthat.Whatwetell clientsis:Numberone,you’rein thefight,whetheryouthought

    youwereornot.Numbertwo,you almostcertainlyarepenetrated. -MichaelHayden,FormerDirectorofNSA&CIA 37/40