A Tale of Two Teams: Security and Development Join Forces to Secure Code

Date: Tuesday, July 31, 2018, 01:00 PM EDT 

As the software development lifecycle (SDLC) continues to shift to a DevSecOps model, more and more security responsibility is shifting to development teams. Security teams now have to work closely with developers, which means it is even more critical for each team to understand each other’s processes, priorities and tools. While security teams focus on reducing risk and achieving compliance, developers concentrate on delivering quality code on deadline. So how do IT organizations bring these two teams together to achieve a common goal?

Join Ryan O’Boyle, Manager of Product Security at CA Veracode, who will share best practices for achieving cohesion between security and development teams. Based on lessons learned from building a successful Security Champion program over the past five years, you will come away with detailed and actionable steps to bootstrap, monitor, and maintain a customized program that will help scale your security program. Topics that Ryan will discuss include:

  • The value of the Security Champion role within the development team and how to find good champions
  • How security teams can help developers to embed security into their processes seamlessly through training and remediation and mitigation guidance
  • How to utilize multiple testing techniques along the entire application lifetime to drive down application risk in your organization