Overview
Explore the implementation of a Secure Product Lifecycle (SPLC) as a service in this AppSecUSA 2017 conference talk. Learn how Adobe's Digital Marketing business unit successfully scaled their SPLC program to support thousands of engineers with limited security resources. Discover strategies for designing, rolling out, and measuring a scalable SPLC, including the creation of a security ambassador program and the utilization of automation. Gain insights into a case study on static code analysis, showcasing how 100% buy-in from engineering teams was achieved through seamless integration into existing workflows. Walk away with practical knowledge on establishing an effective SPLC, leveraging security ambassadors, and implementing automation to support key security initiatives in software development.
Syllabus
Introduction
Adobe
Experience Cloud
Technology and People
Problem
Process
Service Lifecycle
Security Champions
Security Newsletters
Marketing Version
Recap
The World Before Automation
Static Analysis as a Service
Digital Marketing
Automation Platform
Automation Workflow
Roll Out
Summary
Taught by
OWASP Foundation