Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, November 20 • 11:00am - 11:50am
Can AppSec Training Really Make a Smarter Developer?

Sign up or log in to save this to your schedule and see who's attending!

Video of session:
https://www.youtube.com/watch?v=jUOecoGGA2g&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=40

Most application risk managers agree that training software developers to understand security concepts can be an important part of any software security program.   Couple that with the Payment Card Industry, who mandate that developers should have training in secure coding techniques as laid out in their Data Security Standard.  Yet others call developer training "compliance-ware," a necessary evil and a tax on software development in the enterprise.
This presentation shares the results of a yearlong survey of nearly 1,000 software developers that captures their knowledge of application security before and after formal training.  The survey queries developers from various backgrounds and industries, to better understand their exposure to secure development concepts and to capture a baseline for post-training improvements.  The session also includes the results of a "retest" of a subset of respondents, to identify how much security knowledge they retained after a specific length of time.  The results were surprising, and include information every application risk manager should know, particularly those who rely on training as part of an application security strategy.

Speakers
avatar for John Dickson

John Dickson

Principal, Denim Group
John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. Dickson is a popular speaker on security at industry venues including the RSA Security Conference, the SANS Institute, the Open Web Application Security Project (OWASP) and at... Read More →


Wednesday November 20, 2013 11:00am - 11:50am
Salon 4 (5th Floor Ballroom) NY Marriott Marquis