How to Use Your Vulnerabilities to Train Your Developers on Security

Presented by

Prash Somaiya, HackerOne and Jared Ablon, HackEDU

About this talk

The idea of secure coding training that covers just what you need, right when you need it, seems too good to be true. But it’s not. Leading development teams are using their own vulnerabilities to train their coders, focusing on their most pressing mistakes while providing a more relevant experience that keeps coders engaged. This workshop will show you how to set up a program, reveal the most common vulnerabilities developers cause, and explain how to make sure your developers develop a fix that really solves the problem.

Key Takeaways:
- Vulnerabilities developers find easiest and hardest to fix
- The top vulnerabilities that developers “fix” incorrectly
- Which programming languages have fewer vulnerabilities in production
- Topics your developers should master to become more secure coders
- How to develop a training schedule that doesn’t disrupt productivity

HackerOne closes the security gap between what organizations own and what they can protect. HackerOne's Attack Resistance Management blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface. This approach enables organizations to transform their business while staying ahead of threats. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Twitter, and Yahoo. In 2021, HackerOne was named as a ‘brand that matters’ by Fast Company.