Software security is often boiled down to the “OWASP Top 10,” resulting in an ineffective sense of what maturity-focused, comprehensive application security could be like. How then should an organization consider building a holistic program that seeks to grow in maturity over time? Come hear how one team has taken on this challenge and learn what has, and has not, worked on their own journey.
Learning Objectives: 1: Gain real-world insight on how to realize the Security Development Lifecycle. 2: Learn approaches to make working with engineers a great experience for all. 3: Understand how to track progress and maturity without simply “bug counting.”