The Role of Security Champions in Scaling Application Security

Logo
Presented by

Ryan O'Boyle, Manager of Product Security at CA Veracode and Ronda Kiser Oakes, Director DevOps Consulting at Perficient

About this talk

Securing a portfolio of applications can be a practice in extremes. On one hand, you have a small team of security experts trying to help a multitude of developers, testers, and other engineers meet security requirements. At the same time, you have to support all the microservices that the Agile and DevOps teams are building and pushing to production anywhere from once a month to several times a day. Even if you have a fully staffed security team, there still are not enough experts in this area to go around, which means creating a guild of Security Champions is more important than ever. Join Ryan O’Boyle, Manager of Product Security at CA Veracode and Ronda Kiser Oakes, Director DevOps Consulting at Perficient, who will examine the value of the Security Champion role within the development team. They will discuss which groups need to commit for the program to succeed, how to find good champions, and the benefits for all stakeholders. Based on lessons learned from building a successful Security Champion program over the past five years, you will come away with detail actionable steps to bootstrap, monitor, and maintain a customized program that fosters these champions in your organization and scales your security program.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (396)
Subscribers (31066)
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com