Developing a Successful Secure Product Lifecycle (SPLC) Program

Logo
Presented by

Julia Knecht and Taylor Lobb of Adobe

About this talk

A secure product lifecycle (SPLC) is integral to ensuring software is written with security in mind, but companies struggle to create a successful process with limited security resources and minimal impact to engineering teams. In this webinar, Julia Knecht and Taylor Lobb – Managers, Security & Privacy Architecture at Adobe, will explain how a team of just two security pros helped roll out a successful SPLC program that has scaled to support thousands of engineers by leveraging automation and establishing security ambassadors (champions) within the product engineering teams. Defining security requirements and KPIs for engineering teams is just the first step in creating the SPLC. In order to make the design a reality for several products, thousands of engineers, and millions of lines of code, Adobe’s team was organized into an “as a service” model and utilized automation to scale to meet this demand. Establishing a strong security ambassador program helped ensure the success of the SPLC. The centralized ambassador network has been crucial to the success all product security initiatives throughout the business unit. You’ll walk away with on-the-ground knowledge you can use to establish an effective SPLC in your own organization by establishing and utilizing security ambassadors and providing seamless automation to support these key initiatives.

Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (884)
Subscribers (55241)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa