Why Your SDLC Keeps Failing and How to Fix It
In this talk, we will share the theory and practice of a different approach to application security. Almost every large financial organization is already using software instrumentation for performance (APM) and a handful have already instrumented their applications for security. We'll discuss how their application security programs are simpler and more effective than traditional heavyweight application security programs. But more importantly, we'll show how the work of application security can be recentered on development and operations teams, leaving application security teams with more strategic work, coaching, and toolsmithing.
Attendees will learn:
- How application security instrumentation works and what it can do
- A new approach to building an application security program and where to start
Attendees will leave with hope that application security efforts aren't futile and that real progress is possible.