Overview
Syllabus
Introduction
Being the only member of the security team
What responsibilities I had
How much work is involved
What was up against me
Technical strategies
Push left
Writing code
Automating
Code Analysis
Vulnerability Management
Pentesting
Bug Bounty
Cultural Strategies
Key Stakeholders
Everything is okay
Be authentic
Be accessible
Teach different classes
When all of this works
Example
Not clicking on phishing emails
Working with engineers
It's not easy
Technical perspective
Cultural perspective
Being powerful while powerless
Conclusion
Does this work yet
Dealing with conflict
Premise or cloud
Difficult players
Managing priorities
Taught by
OWASP Foundation