Software security is an essential aspect of any digital product, yet it is often neglected until the late stages of the development lifecycle. This approach leaves organizations vulnerable to cyberattacks, which can result in costly data breaches, reputational damage, and legal liabilities.
In this panel, we will discuss the importance of building security earlier into the software development process and breaking down the silos between security and development teams. By doing so, organizations can integrate security practices seamlessly into their software development lifecycle and make it easier for developers to write secure code.
We will examine various techniques and tools that can be used to build security earlier into the software development process, such as secure coding guidelines, and automated security testing. We will also explore how to establish a culture of security within development teams and encourage collaboration between security and development professionals.
By attending this talk, you will learn how to:
- Incorporate security practices into the software development process from the outset
- Identify and mitigate potential security risks before they become major issues
- Foster collaboration between security and development teams to build a culture of security
- Make security an integral part of your organization's software development process
Join us to learn how to build secure software from the beginning, and protect your organization from costly security breaches.
Principal DevOps Engineer @KPMG UK
Ana is the AWS Practice Lead and a Principal DevOps engineer on KPMG UK.
She has more than 14 years of experience leading, developing and delivering full enterprise projects from discovery phases, design, and implementation to production, lately focusing on cloud native solutions using serverless and micro-services architectures.
Over the last 8 years she has focused primarily on delivering Cloud Transformation projects for major UK government and retail clients.
She is an advocate of DevOps culture and cloud and passionate about how to optimise workloads in the cloud.
Application Security Consultant & CTO @BounceSecurity
Josh has worked as a consultant in IT/Application Security and Risk for 15 years now as well as a Software Developer. In that time he has seen the good, the bad and the stuff which is sadly/luckily still covered by an NDA. He is currently Chief Technology Officer for Bounce Security where he spends his time helping organisations improve and get better value from their Application Security processes and providing specialist Application Security advice. In his spare time he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board.
Find Josh Grossman at:
CEO and Co-Founder @Step_Security
Varun Sharma is the CEO and co-founder of StepSecurity, an open-core startup that empowers developers to defend against software supply chain attacks by automating security best practices.
He was formerly a Principal Security Software Engineering Manager at Microsoft, where he led the Green Team with a charter to solve high-risk, systemic security issues for Microsoft Azure.
Varun has over 15 years of security experience and an MSc in Information Security from Royal Holloway, University of London.
Lead Cloud Security Engineer @Virgin Media O2
Henry Tze is a Lead Cloud Security Engineer at Virgin Media O2. Focus on building users-focused security paved road at scale for developers/engineers/builders to maximise value creation at pace in AWS and GCP Cloud.
Empowering all levels of end users by providing pipeline templates, infrastructure blueprints, working examples, secure ways of working, low/no code self-service platforms that they never imagined before.
All in form of everything as code and he believed that's how builders should be united with and aligned. Encouraging users to form an internal community to overcome technical issues and share the love.