Learn how to establish an Application Security (AppSec) program from the ground up in this 22-minute conference talk recorded for Bsides Chicago. Explore key aspects such as the importance of AppSec, challenges faced, resource management, and developer relationships. Discover strategies for creating an application inventory, prioritizing resources, and implementing enforcement points. Gain insights into effective tools, developing application security policies, and training developers. Understand the developer's perspective and learn to trust your tools while building a robust AppSec program.
Overview
Syllabus
Intro
Importance of AppSec
Disclaimer
First Day on the Job
Challenges
Resources
Application Inventory
Prioritize Resources
Enforcement Points
Tools
Developers eat you alive
Application Focus
Developers Perspective
Application Security Policies
Training Developers
Trust Your Tools
Contact Information
Related Courses
-
Foundations of NIST Cybersecurity Frameworks
-
Building an Application Security Program
-
Twubhubbook - Building an AppSec Program for Startups
-
Building an AppSec Program with a Budget of $0 - Beyond the OWASP Top 10
-
AppSec Awareness - A Blueprint for Security Culture Change
-
Taking AppSec to 11: Pipelines, DevOps and Making Things Better
