Ron Parker
BSides Nashville 2015
How do we make our security tips, techniques and tools enablers in our agile development surroundings? Part of the problem is scale. You and your other security professional friends can't always be totally engaged with each and every delivery team. There will always be more people making security and risk decisions than there are security consultants. Another key is getting out of the way. You need to enable people to make the risk decisions on their own schedule. They can't wait to attend yet another meeting or spend gargantuan efforts on security work that may or may not be needed. We need to build a security environment that fosters good practices and at the same time fits well into more modern and agile methodologies. There are ways to design security tasks so they can be embedded into just about any methodology. This talk will walk through implementing a Security Development Lifecycle using the OWASP Software Assurance Maturity Model as a guide. Quick and Easy Security should not be an oxymoron.
Bio: Ron Parker
@SCMunk
Ron Parker (@scmunk) is the Senior Enterprise Security Architect for
Unum, the leading group and individual disability insurance provider. Ron
has decades of experience successfully designing and developing secure
application and infrastructure solutions in a complex and regulated
environment. He has worked to implement security process improvements
through establishing security frameworks and integrating security by
applying architecture practices. Ron is also a non-reluctant CISSP.