You've done it, completed the project, on time and within the budget!
Now the customer says we need to have this audited by a security firm. Uh oh... what will he find? What impact will the results have on our deadlines?
In this talk we will examine what it takes to build security in during development and beat the pentester.

We'll cover topics like Threat Modelling, Validation, Encoding and Defense in Depth, with real-world vulnerabilities and practical examples in an Agile context, and learn how to remediate those vulnerabilities by using best practices.
You'll walk away with useful principles, practices and techniques to improve the security of your applications.

Comments

Herberto Graca at 13:24 on 1 Jul 2017

Good talk about an important subject often neglected. The speaker seemed to be in control of the subject.
Would have been nice to see more code examples of what to do and not to do.

Expected a bit more of this talk because I think everybody is aware of the basic security measures. It would be more interesting if there were more practical examples of what to do and not to do, tooling, etc.

Ellen Boven at 11:30 on 3 Jul 2017

Good overview of topics

The talk was about basic security practices, while I expected a bit more explanation about how you can act like a pentester and find stuff in your own code. The presentation itself was great.