Nurture vs. Nature in AppSec: Data-Driven Measurement of DevSecOps


Posted on in Presentations

Can good development practices make a bad app good? In this talk, we will examine the development practices utilized in more than 132k applications. Using rigorous, data-driven analysis, we measure how dynamic and static scanning, scan cadence and frequency, and software composition analysis affect application security. We will show that good practices can make the most security-debt riddled app safer.

Participants
Benjamin Edwards

Speaker

Principal Research Scientist, Bitsight

Jay Jacobs

Speaker

Co-founder and Chief Data Scientist, Cyentia Institute


Share With Your Community