Securing Application Development in 2015 presented at ISSA 2015

by Jerry Hoff,

Summary : Many companies lack formalized security activities before, during and after development. Other companies have made an effort to secure their SDLC, but yet still have huge gaps iterms of measuring and reducing software risk.
In this talk we will go through the most common and widely recommended security practices, focusing on concrete steps your organization can take immediately to work towards better software security assurance.
So whether your company is just getting started or you have a mature security program, come and see if we can identify areas of risk that are quietly putting your organization at risk.