AppSec Policy: Is Yours Built for Modern Development Approaches?
There’s no denying that enterprise applications must be protected but thwarting increasingly severe and frequent threats to customer data and confidential information requires more out of our AppSec policies than ever before. Add in the challenge of building increasingly secure applications to address the current pressures of digital transformation, many organizations are finding that their AppSec policies just can’t keep up—resulting in costly post-development vulnerability triage and deployment delays. Therefore, company-wide AppSec policies that directly influence developers and security teams are imperative to meet time-to-market demands.
See Also: The State of Vulnerability Management
During this talk, I’ll discuss how the development of an organization’s AppSec policy drives developer training initiatives, and how proper and consistent secure coding education must be available to developers while coding. Finally, I’ll focus on the needs of Provincial Government, both from the perspective of their own developers, in addition to their contractors who may need a refresher on becoming better developers.