Description: Slide : - http://www.sourceconference.com/publications/bos12pubs/SOURCE%20Boston%20-%20Shyama%20Rose.pdf
MP3 : - http://www.sourceconference.com/podcasts/podcast_bos2012_rose.mp3
It is not news that threats in the application security landscape are changing rapidly. The security focus in the enterprise is evolving along with it. But secure development methodologies haven’t kept up. Large enterprises with rapidly evolving development practices often pay little to no attention to security at all. And when they do, they find that standardized frameworks are antiquated, processes are too heavy handed, and do not fit the enterprise. So they create light-touch, ineffective programs so as not to overload the business.
This presentation fills the gap between over-burdensome antiquated and light-touch ineffective programs by showing how to effectively design and apply strategic programs for complex organizations.
Shyama Rose is a Security Program Manager at Veracode where she employs a holistic, threat-focused approach to design and apply security programs for complex organizations in the Fortune 100. She authored the Center for Internet Security's Microsoft IIS 5.0/6.0 and Microsoft Office 2007 Security Guidance Benchmarks as well as contributed to the Microsoft SharePoint Server Guidance Benchmark. This Spring, she will be lecturing on Security Program Management in NYU Poly's Application Security course.
Tags: securitytube , hacking , hackers , information security , convention , computer security , SOURCE-boston-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.