BSides Austin 2013 was at the end of last week, and one of the things I did while I was there was give a talk about different patterns we’ve seen as we’ve helped firms put together their software security programs. Slides are online:
The abstract for the talk was:
Every organization’s software security program implementation is different, but patterns exist providing guidance to those looking to plan for their program rollouts. This presentation covers several aspects of this process including the “ownership” of the software security program as well as implementation of static code analysis, dynamic application testing and developer security education.
dan _at_ denimgroup.com