Costs of Coding to Compliance

Explore the challenges of balancing security and compliance in software development through this insightful conference talk from APPSEC Cali 2018. Delve into the pitfalls of coding solely to meet compliance standards like PCI, and discover how this approach can lead to security gaps and increased risk. Learn strategies for addressing these gaps, planning for future risks, and prioritizing security initiatives to better manage application security risks while supporting compliance efforts. Gain valuable insights on implementing a framework that combines secure coding practices with compliance requirements, ultimately hardening applications and improving overall security posture. Understand how a more mature security approach can benefit even robust applications while meeting compliance standards for application security. Presented by Magen Wu, a Senior Consultant at Rapid7 with over 10 years of specialized IT experience, this talk covers topics such as security metrics, security maturity models, PCI compliance, multifactor authentication, security lifecycle development cycles, and the importance of cultural shifts in addressing security challenges.