Download pdf
Traditional software security serves a-la-carte waterfall model, and does not fit perfectly in an agile smorgasbord. This talk will explore different aspects of doing software security in modern software development, ranging from one-off activities like security requirements, threat modeling and also touch upon continuous activities like security testing, DevSecOps, measuring residual risk.