Nurture vs. Nature in AppSec: Data-Driven Measurement of DevSecOps

Posted on in Presentations

Can good development practices make a bad app good? In this talk, we will examine the development practices utilized in more than 132k applications. Using rigorous, data-driven analysis, we measure how dynamic and static scanning, scan cadence and frequency, and software composition analysis affect application security. We will show that good practices can make the most security-debt riddled app safer.

Benjamin Edwards


Principal Research Scientist, Bitsight

Jay Jacobs


Co-founder and Chief Data Scientist, Cyentia Institute

Share With Your Community