Building a Modern Security Engineering Organization

Explore the evolution of security engineering in modern software development environments in this OWASP AppSec California 2015 conference talk. Delve into practical strategies for building and scaling contemporary AppSec and NetSec programs, gain insights on launching successful bug bounty initiatives, and learn techniques for conducting realistic attack simulations to identify compromise signals in your ecosystem. Discover how continuous deployment and DevOps philosophies have transformed business operations and how security teams can effectively adapt to these changes. Benefit from the expertise of Zane Lackey, Founder/CSO at Signal Sciences, as he shares lessons learned from his experience as Director of Security Engineering at Etsy and Senior Security Consultant at iSEC Partners. Gain valuable knowledge on topics such as feature flags, security instrumentation, mindset shifts in security practices, access control in startups, and the importance of realistic trade-offs in security decision-making.