How to Use Your Vulnerabilities to Train Your Developers on Security

Logo
Presented by

Prash Somaiya, HackerOne and Jared Ablon, HackEDU

About this talk

The idea of secure coding training that covers just what you need, right when you need it, seems too good to be true. But it’s not. Leading development teams are using their own vulnerabilities to train their coders, focusing on their most pressing mistakes while providing a more relevant experience that keeps coders engaged. This workshop will show you how to set up a program, reveal the most common vulnerabilities developers cause, and how to make sure your developers develop a fix that really solves the problem. Key Takeaways: - Vulnerabilities developers find easiest and hardest to fix - The top vulnerabilities that developers “fix” incorrectly - Which programming languages have fewer vulnerabilities in production - Topics your developers should master to become more secure coders - How to develop a training schedule that doesn’t disrupt productivity
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (123)
Subscribers (11895)
HackerOne pinpoints the most critical security flaws across an organization’s attack surface with continual adversarial testing to outmatch cybercriminals. HackerOne’s Attack Resistance Platform blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to reduce threat exposure and empower organizations to transform their businesses with confidence. Customers include Citrix, Coinbase, Costa Coffee, General Motors, GitHub, Goldman Sachs, Hyatt, Microsoft, PayPal, Singapore’s Ministry of Defense, Slack, the U.S. Department of Defense, and Yahoo. In 2023, HackerOne was named a Best Workplace for Innovators by Fast Company.