Hi [[ session.user.profile.firstName ]]

Pioneering a human approach to secure coding - panel discussion Part 1

Our expert panel of security professionals discuss pioneering the human approach to secure coding knowledge and remediation. They will uncover key findings from our recent primary research giving insight into developer attitudes to secure coding, secure code practices and security operations and panel discussion.
Learn about creative ways to stamp out poor coding patterns for good, making security intrinsic to developer workflows, and enabling human-led prevention.

Don't miss part 2 - Pioneering developer upskilling at Suncorp
Recorded Jul 29 2021 27 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Audrey Wakefield - Application Security at Suncorp, Hardy Vargas- Security Manager at Australian Bureau of Statistics
Presentation preview: Pioneering a human approach to secure coding - panel discussion Part 1

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Shorten your software vulnerability remediation by over 35% Oct 20 2021 11:00 am UTC 45 mins
    Casey Ellis: CTO at Bugcrowd, Andreas Schneider: Group CISO at TX Group and Matias Madou: CTO at Secure Code Warrior
    Between looming deadlines and increased pressure to launch better products faster than the competition, modern-day developers have less time than ever before. Valuable time is often consumed by rework, debugging, and code maintenance - a recent survey found 38% of developers spend up to a quarter of their time fixing software bugs. Over half of developers say if they didn't have to spend so much time fixing bugs, they would have enough time to build new features and functionality.

    In this webinar, join experts from Bugcrowd, Secure Code Warrior, and TX Group, as they discuss:

    Why vulnerabilities continue to be an issue despite the use of scanning tools
    The importance of security testing as a component of the security workflow
    How to fix the traditional security training model
    How to help your developers find and fix vulnerability issues faster
    Steps to leverage crowdsourced security to optimise your security model
    Join the discussion to hear how TX Group is addressing this challenge and pick up practical tips to help your development team today.
  • Making Moves with NIST: The future of software security standards Recorded: Oct 5 2021 45 mins
    Panel of security experts
    NIST has released its "Guidelines on Minimum Standards for Developer Verification of Software" in response to President Biden's Executive Order on Cybersecurity. With an industry ready and willing to support increasing the security of the Nation's software, there are some in the industry that feel the standards don't go far enough. How specific should these guidelines be? Is NIST focused on what matters?

    Join our panel of industry experts as they discuss NIST's latest release and the future of software security standards.
    Welcome panelists:
    - Jim Pflaging, Managing Partner, Cynergy Partners
    - Jeff Williams, CTO & Co-Founder, Contrast Security
    - Brian Chess, Advisor & Investor, Secure Code Warrior & Contrast Security
    - Vikram Ghosh, SVP of Strategic Alliances, Secure Code Warrior
  • Upskilling: The Missing Link to Close The Security Gap For AppSec Recorded: Sep 21 2021 29 mins
    Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior
    We continue to face an enormous shortfall in security-aware developers in the workforce. With cyber threats increasing globally and the recurrence of common vulnerabilities in our code, it’s crucial we obtain the skills to protect the software and critical infrastructure we rely on.

    Rather than investing in more tools, is upskilling the answer?

    Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.

    Discussion topics include:

    - How equipped are organisations to upskill their cyber capabilities?

    - With the rapid transition to remote working and digitalisation, how
    important have application security become in the cybersecurity mix?

    - The importance of the human factor and ongoing training to minimise
    security risks.

    - Standards and certifications: What to look for when recruiting security-
    aware professionals.
  • Mature Your Security Program Recorded: Aug 30 2021 27 mins
    Stefania Chaplin, Security Solutions Architect
    As the first line of defense in your organization, developers are our heroes when it comes to secure coding. Give them a pathway to excel in their skills and reward them for it. From contextual learning tools and real-world simulations, to full certification programs, there are a variety of ways to take your training program to the next level. And as more developers improve their secure coding skills, your organization’s security posture becomes stronger with fewer vulnerabilities being written into your code.

    Join security expert, Stefania Chaplin, who will take a deeper look at secure code training and show you ways to mature your program with Secure Code Warrior. Key topics will include:
    - Relevant real-world simulations with Secure Code Warrior's Missions feature
    - Increased contextual learning with Jira and GitHub extensions
    - Certifications that engage and reward developers
  • Pioneering a human approach to secure coding - panel discussion Part 1 Recorded: Jul 29 2021 27 mins
    Audrey Wakefield - Application Security at Suncorp, Hardy Vargas- Security Manager at Australian Bureau of Statistics
    Our expert panel of security professionals discuss pioneering the human approach to secure coding knowledge and remediation. They will uncover key findings from our recent primary research giving insight into developer attitudes to secure coding, secure code practices and security operations and panel discussion.
    Learn about creative ways to stamp out poor coding patterns for good, making security intrinsic to developer workflows, and enabling human-led prevention.

    Don't miss part 2 - Pioneering developer upskilling at Suncorp
  • Fireside chat: Pioneering developer security upskilling at Suncorp - Part 2 Recorded: Jul 29 2021 23 mins
    Audrey Wakefield, Application Security Manager, Suncorp and Kirsty Alsop, Head of Customer Success at Secure Code Warrior
    Audrey Wakefield, Application Security Manager, Suncorp and Kirsty Alsop, Head of Customer Success, Secure Code Warrior discuss:
    Suncorp's approach to developer secure coding upskilling and what has enabled the success of their program
    Moving from a compliance mindset to skills uplift mindset
    What was achieved in 2020 and what will success look like in Suncorp's secure coding program for 2021
    How Secure Code Warrior is supporting Suncorp to achieve their program objectives.

    Don't miss part 1 - Pioneering a human approach to secure coding
  • DevOps to DevSecOps: delivering quality and secure development from the start Recorded: Jul 23 2021 53 mins
    Stefania Chaplin, Solutions Architect at Secure Code Warrior and Simon Roe, Product Manager at Outpost24
    DevOps infrastructure that is agile, easy to deploy and scale-up is the gold standard for many application developers, however, it can be increasingly complex. With many DevOps programs facing higher risk of cyber-attacks and data breach as security is often left out and not integrated into the SDLC workflow from the beginning.

    To help companies embrace a security first culture,we’ll discuss the importance of starting left, and empowering DevOps with the skills and understanding to practice secure coding and become your first line of defense. Our experts will discuss the key considerations for implementing security training and application security into the SDLC, how to engage with developers through gamified learning and embed security testing without any downtime and costing the earth.

    What you’ll learn:
    - Fundamentals for starting left with secure code training to maximize compliance
    - Security best practice for maximum DevSecOps from developer training, risk scoring, to application security
    scanning and API testing
    - Building security testing into your SDLC to deliver actionable results and reduce application vulnerabilities
    - Integration and automation of application security for fast and secure deployment
    - Customer success stories and how to successfully implement DevSecOps into your own organization
  • How To Close the Avoidance and Remediation Gap in Open Source Compliance. Recorded: Jun 23 2021 45 mins
    Alex Rybak at Revenera and Matias Madou at Secure Code Warrior. Moderated by Andy Knapp at Secure Code Warrior
    In a recent Aberdeen report, 8 out of 9 organizations were not aware of any compliance or vulnerability issues in their codebase. For the one company that identified issues, what they knew only represented 9.5 percent of the actual issues eventually uncovered through a software audit. This represents both an avoidance and remediation gap when it comes to managing security and compliance risk.

    Closing this gap is important to help engineering teams and their leaders better understand the impact of open source software on an organization’s ability to create and deliver risk-free solutions. Part of the solution is creating a closed-loop process of training developers on the importance of security and compliance as well as how to mitigate risk, along with establishing the right tools for discovery and remediation.

    If you’re a developer, engineering leader, or security specialist, in this webinar hear our experts Alex Rybak, Director of Product Management at Revenera and Matias Madou, CTO at Secure Code Warrior discuss:

    - The importance of implementing continuous governance throughout the software development lifecycle.
    - Why a Software Bill of Materials (SBoM) is an Engineering leader’s best friend.
    - How developing trusty-worthy solutions begins with setting agreed upon cross-functional policies for identifying and remediating risk.
    - Industry regulations coming into play requiring structural change to support compliance and security management.
    - The role companies now play in securing developer education through programs such as micro-training for a more robust open source management initiative.

    Register today, we look forward to seeing you on the 23rd.
  • Winning the AppSec Battle in Digital Transformation Recorded: Jun 4 2021 55 mins
    James Rees - MD at Razorthorn, Robbie Tyrie - Security Manager at Aegon Bank and Charles Dehnel - CSM at Secure Code Warrior
    We’ve all seen a dramatic change in how we operate since March 2020. More businesses are either reviewing their existing software solutions, or migrating to ‘as a service’ options to meet evolving customer needs. At the same time the way we work has changed forever, with flexible and remote working here for the foreseeable future.
    These changes give rise to new security concerns; from the security gaps existing in our infrastructure, to hidden risks in third-party software that we’re increasingly reliant on. How can we embrace digital change without putting ourselves at risk?

    Join us as we get to grips with this complex topic. We’ll cover:

    - The history of security in coding and the great security - development divide
    - How these have influenced the recent security breaches we’re seeing these days
    - What can be done to fix the problem

    And there's more: All event attendees will have the chance to WIN a one day workshop and Tournament for their development team.
  • Building an Inclusive Security Training Program to Empower a Secure Workforce Recorded: May 26 2021 48 mins
    Alex Jones, Information Security Manager at Cobalt.io
    Alex Jones, the Information Security Manager at Cobalt.io, discusses how building and running an inclusive security awareness program helps foster collaboration across cross-functional teams such as sales, marketing, product, and engineering. A robust and inclusive security awareness program empowers a more secure workforce and goes beyond just building security culture for a few select teams. Join this session and learn about some of the benefits, such as a more secure and security-aware workforce, improved capabilities to respond to incidents, and transparency for what your security teams are working on.
  • How to Speak Security in the Board’s Language Recorded: May 26 2021 37 mins
    Espen Agnalt Johansen Director of Security @ Visma
    Hear from Espen Agnalt Johansen Director of Security @ Visma about how to speak security in a language that will get the board's attention
  • How to Develop a Security First Culture Recorded: May 26 2021 34 mins
    Maria Morris Application Security Engineer @ Blue Prism
    We know that humans are the weak link in a system, and they’re also the ones writing the code. We also know that deep down, people want to do the right thing, but sometimes just don’t know how to do that. Security can take a backseat to budget and timescales, so how do we still keep focused on security? By evolving a Security First culture, you can help to address these concerns. In this talk, we will be discussing practical ways to encourage a Security First culture in your organisation.
  • Why You Need to Mobilize your Cyber Jedi Academy Recorded: May 26 2021 39 mins
    Gustav Lundsgård, Software Security Product Owner at IKEA.
    As part of our Leaders in AppSec series, we hear from Gustav Lundsgård, Software Security Product Owner at IKEA.
    Amidst the digital revolution and the change that affects human behavior, IKEA have had to rapidly change the way we do IT and software development. Two years ago, we set out to change (almost) everything we do and how we look at software security. In this presentation, we will focus on our Cyber Jedi Academy, a community, created to empower software developers within IKEA to address and work with security. The presentation will cover what we’ve learnt from running the academy for a year, and how we’ve come to change many things, such as why we must adopt team-centric security and how this optimizes the security work within teams.
  • Panel Discussion: The Changing Face of Software Security Recorded: May 26 2021 33 mins
    Mourad Yesayan Managing Director Paladin Capital Group & Reena Shah Director Cyber Security Strategy London Stock Exchange
    Developers and secure coding seem to go together like Apple and Microsoft... it's possible, but there are a lot of unknowns, errors, and compatibility issues. They have other priorities, and security is often placed on the backburner in favour of feature-building. It's time we got to the bottom of this disconnect.

    Our research revealed that more than 88% of developers find coding securely challenging. With software being at the heart of all organizations, we invite you to join us to discuss this and other brand new findings into developer attitudes to application security practices. In this session, we will discuss with our panel experts Mourad Yesayan from Paladin Group and Reena Shah from London Stock Exchange Group what developers really think about secure coding, and how this can ultimately affect the integrity of your business.

    Discover:
    - How many companies are actually producing secure code
    - How secure coding varies between regions
    - Whether or not secure coding could help to keep the valuable developers in your organization.
  • Is Security a Developer's Problem? Recorded: Mar 25 2021 57 mins
    Jonny Tennyson - Head of CS at Irius Risk, Stefania Chaplin - Sales Engineer at Secure Code Warrior
    Technology has exploded. And it ALL needs to be secured. Yet, security teams don’t have the manpower to cover all bases in times of rapid technological growth and evolving cybersecurity threats.

    In this discussion we cover the big questions:

    Is security exclusively the problem of security teams?
    Is it only security teams that determine what can go wrong?
    Is tooling really the answer?

    Join us, we're sure you'll pick up something new and interesting.
  • Upskilling: The Missing Link to Close The Security Gap For AppSec Recorded: Mar 24 2021 28 mins
    Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior
    We continue to face an enormous shortfall in security-aware developers in the workforce. With cyber threats increasing globally and the recurrence of common vulnerabilities in our code, it’s crucial we obtain the skills to protect the software and critical infrastructure we rely on.

    Rather than investing in more tools, is upskilling the answer?

    Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.

    Discussion topics include:

    - How equipped are organisations to upskill their cyber capabilities?

    - With the rapid transition to remote working and digitalisation, how
    important have application security become in the cybersecurity mix?

    - The importance of the human factor and ongoing training to minimise
    security risks.

    - Standards and certifications: What to look for when recruiting security-
    aware professionals.
  • (APAC) Upskilling: The Missing Link to Close The Security Gap For AppSec Recorded: Mar 24 2021 28 mins
    Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior
    We continue to face an enormous shortfall in security-aware developers in the workforce. With cyber threats increasing globally and the recurrence of common vulnerabilities in our code, it’s crucial we obtain the skills to protect the software and critical infrastructure we rely on.

    Rather than investing in more tools, is upskilling the answer?

    Hear from Peter Robinson, Head of Security at Zip, and Jaap Singh, Co-Founder of Secure Code Warrior & AppSec Trainer for an insightful discussion on why upskilling cybersecurity skills within the workforce is essential to closing the security gap.

    Discussion topics include:

    - How equipped are organisations to upskill their cyber capabilities?

    - With the rapid transition to remote working and digitalisation, how
    important have application security become in the cybersecurity mix?

    - The importance of the human factor and ongoing training to minimise
    security risks.

    - Standards and certifications: What to look for when recruiting security-
    aware professionals.
  • Marks and Spencer: Why AppSec Gets the Short End of the Security Budget Stick Recorded: Feb 25 2021 28 mins
    Lee Thurlow, Head of AppSec @Marks and Spencer
    In this interview with Lee Thurlow, Head of AppSec at Marks and Spencer we discuss why AppSec is usually put towards the bottom of the list when it comes to the overall security budget. In this session you will learn:
    - How to change the narrative to position AppSec as a high priority for your organisation
    - Lee's top tips for great AppSec achievements
  • Marks and Spencer: Why AppSec Gets the Short End of the Security Budget Stick Recorded: Feb 25 2021 28 mins
    Lee Thurlow, Head of AppSec @Marks and Spencer
    In this interview with Lee Thurlow, Head of AppSec at Marks and Spencer we discuss why AppSec is usually put towards the bottom of the list when it comes to the overall security budget. In this session you will learn:
    - How to change the narrative to position AppSec as a high priority for your organisation
    - How the cost of breaches are rapidly increasing
  • Beyond Compliance: Tips to Deliver Engaging Application Security Recorded: Jan 19 2021 49 mins
    Scott Russo, Cloud Security Manager
    About this Webinar
    Do your development teams treat application security training as a check the box exercise? Do you wish they would engage more with cybersecurity and even take ownership? This session covers tips for creating an application security training program where developers will come to you! And you can accomplish this without having to build your training from the ground up. Join this session to learn a few practical tips on how to make an outstanding application security training experience.

    Key items:

    - How to create an engaging story to draw an audience
    - Making Buy vs Build & Optional vs Mandatory decisions
    - Applying basic marketing principles to training
    - Attracting a community of instructors
We’re champions of change in secure coding
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making security a positive and engaging experience, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Pioneering a human approach to secure coding - panel discussion Part 1
  • Live at: Jul 29 2021 5:06 am
  • Presented by: Audrey Wakefield - Application Security at Suncorp, Hardy Vargas- Security Manager at Australian Bureau of Statistics
  • From:
Your email has been sent.
or close