Overview
Syllabus
Intro
About me
You help securing
What happened?
COACH WITH THE END IN MIND
Planning phase
Keep in touch
The security coach
Select your elements wisely
Make it visible
Get a headstart: Get & train security teams!
Raise your champions
Don't overdo it!
Threatmodelling
Next step: automate!
See how & when you can let go
NEVER FORGET!
Add too many processes & steps CAUSE OF DEATH
Let the developer dig for requirements
Forget to measure
Do SDLC/ automation all yourself
Do SDLC / automation all yourself
Making it complex
Chief Excuse Officer
Wanting to hold on
Recap
Taught by
OWASP Foundation