Improving Software Security in an Agile Environment: A Case Study

Tuesday, May 8
1:40 PM - 2:25 PM
Location: Aria

Security is often not the top priority for many developers who are already juggling multiple projects and deadlines. In fact, security seems to only get in the way of keeping up with the pace of business. However, developers control a critical piece of the security puzzle and need to be engaged in the security cause.

Globally recognised security expert and CEO of Secure Code Warrior, Pieter Danhieux, will look at what we have been doing wrong as security professionals and how ‘Agile, DevSecOps and DevOps’ are changing the role of the developer. Developers can no longer stand idly by and say that the responsibility for security lies in the hands of the security team. Instead, security must be built in from the start.

Pieter will look at the current best practices and how these practices, while good, fall short of the goal to build in security from the start. Learn new methodologies currently deployed at multiple global organizations that make developers want to be part of the solution. Pieter will be joined by Russ Wolfe, Dean of Cybersecurity for Capital One’s Tech College, who will share how his team has built and launched an innovative program to train and certify software engineers in secure coding skills. Russ will share his experience, including the drivers and objectives of this approach, the key elements and resourcing of their current program, and importantly, how they are thinking about measuring effectiveness and impact as the program progresses.

Pieter Danhieux

CEO
Secure Code Warrior

Pieter Danhieux is the CEO of Secure Code Warrior, a global security company that makes software development better and more secure. In 2016, he was No. 80 on the list of Coolest Tech people in Australia (Business Insider) and awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association).

Pieter is also a Principal instructor for the SANS Institute teaching military, government and private organisations offensive techniques on how to target and assess organisations, systems and individuals for security weaknesses. He also serves as an advisory board member of NVISO, a cyber security consulting company in Europe. Before starting his own company, Pieter work at Ernst & Young and BAE Systems.

Pieter obtained the Certified Information Systems Security Professional (CISSP) certification as one of the youngest persons ever in Belgium. He then obtained the Certified Information Systems Auditor (CISA, now expired), the GIAC Certified Forensics Analyst program (GCFA) and is currently one of the select few people worldwide to hold the GIAC Security Expert (GSE) certification.

Pieter has spoken at over 50 public presentations in the last 7 years including RSA Asia Pacific & Japan, ACSC, AusCERT, ISACA, ISSA, AISA, CloudSec, and SANS Institute Community Events.

Presentation(s):

Send Email for Pieter Danhieux

Russ Wolfe

Director, Cyber Security Education
Tech College at Capital One

Russ is the Dean of Cybersecurity for Capital One’s innovative Tech College, where he is responsible for the delivery of ongoing cybersecurity education for the company’s cyber professionals, as well the broader tech community. A 20 + year veteran in the cybersecurity field, Russ has held diverse roles in security engineering, architecture, and consulting. Immediately prior to returning to Capital One in 2016, Russ spent 5+ years leading an enterprise-wide program that delivered tools, services and education to improve secure coding practices across GE’s 30,000+ software engineers. Russ is a graduate of the University of Virginia and lives in the Richmond VA area with his wife and three pretty much grown kids. He enjoys travel, hiking, and scuba diving.

Presentation(s):

Send Email for Russ Wolfe


Assets

Improving Software Security in an Agile Environment: A Case Study



Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Improving Software Security in an Agile Environment: A Case Study