Maginot Line – Common AppSec Anti-Patterns Preventing your Success
Future Cyber Tech, Application Security & DevOps Theatre
Thu 19th Oct 14:20 to 14:50
Is your AppSec program stalled? Is it failing to meet your expectations? You may be a victim of some common anti-patterns that are keeping you from reaching your goals. Are you achieving your goals or meeting your metrics but have a sinking suspicion that your ultimate goal of reducing your company’s risk isn’t being met? As the French learned in WWII, a partial defense is no defense at all. The Maginot Line will serve as our metaphor for failed or suspect AppSec programs.
Over years of helping companies build their application security programs, Pete has seen several behaviors repeated by a number of them. Some companies have created strategies that were logical but did not work in practice; others were unable to see the forest for the trees and created plans that were too myopic.
In this talk Pete will review the most common anti-patterns and suggest ways to make corrections for a more effective AppSec program.
What you will take away from this session
- Several prevalent anti-patterns in AppSec programs
- A description of each and its associated negative consequences
- Prescriptive measures to counteract those patterns
- Measurable outcomes to reduce risk