I gave a presentation at OWASP AppSec USA in Minneapolis about how we fundamentally think about software security. In “Software Security: Is OK Good Enough?” I show how other industries justify safety. In the food business, restaurants have to adhere to health codes, to keep their employees and consumers safe. In that same way, security is a measure of software safety. And yet, security isn’t always valued in the software world. My presentation outlines why security is important, how other industries justify safety measures, and what we can do to justify security.
Slides from my presentation at OWASP AppSec USA are online here: