A Pragmatic Approach for Internal Security Partnerships

Explore a pragmatic approach to internal security partnerships in this 57-minute conference talk from AppSecCali 2019. Discover why engineering teams struggle to prioritize vulnerabilities and how to address the growing gap in risk management. Learn from the speakers' experiences in creating proactive partnerships with engineering and product teams, including specific practices to align on a shared view of risk. Gain insights on enabling rather than gating, automating for visibility and action, threat modeling across organizations, and integrating security features into product roadmaps. Presented by Scott Behrens, Senior Application Security Engineer at Netflix, and Esha Kanekar, Senior Technical Program Manager for Security at Netflix, this talk offers valuable strategies for improving collaboration between security and development teams.