Nurture vs. Nature in AppSec: Data-Driven Measurement of DevSecOps

Posted on in Presentations

Can good development practices make a bad app good? In this talk, we will examine the development practices utilized in more than 132k applications. Using rigorous, data-driven analysis, we measure how dynamic and static scanning, scan cadence and frequency, and software composition analysis affect application security. We will show that good practices can make the most security-debt riddled app safer.

Ben Edwards


Senior Data Scientist, Cyentia Institute

Jay Jacobs


Co-Founder and Chief Data Scientist, Cyentia Institute

DevSecOps & Application Security Product Security

application security DevSecOps secure coding security analytics software code vulnerability analysis



Share With Your Community