In a modern software house, security is a top priority. The working environment is fast-paced and focused on continuous delivery and integration. Keeping up is an endless and demanding challenge for the security team. Issues arise and must be addressed efficiently and quickly.
Besides keeping abreast of emerging technology, the team needs to develop strategies that ultimately work within the organisation.
- Can classic analysis tools be used on a strict time cycle?
- How can a security team handle the demands of a product team?
- How can the team ensure that everyone is on the same page and understands what's under the hood?
In seeking answers to these questions, this talk assembles a set of tips and tricks by showing some work and spikes used in a real software house. The aim is to provide a potential roadmap for the implementation of secure and improved Software Development Life Cycles.