Description: As the old British Telecom adverts used to say, it's good to talk, so I thought now was a good time to talk about how we do application security at Realex Payments. Rather than just talk about where we are today, this talk will focus on the lessons learned over the past five years and what I'd do differently if I could do it all again. I will tell the story of how application security has worked and evolved in a fast-growing technology company, from the day we created our first application security role in the business to our current application security approach.

The story will include how we scaled application security to keep up with the changes in a fast-growing business, how playing card games with developers was one of the best things we've ever done, and how following the KISS principle in the early days of an application security program is vital. You will see how we have progressed from having no dedicated application security resources to our current staffing levels, and how our goals have evolved from simply security reviewing our applications to grander goals such as wanting to provide free application security training for anyone in Ireland.

This isn't an application security talk focusing on the theory and approaches that seem good on paper. You will have the opportunity to learn the lessons from five years of real-world application security from the person who was at the centre of application security in Realex Payments. Following on from the success of Agnitio, I will be releasing three new open source application security tools I have developed in this talk. These tools have helped improve application security reviews, reporting and visibility in Realex and I hope they will do the same for you! The Ninja News Daily said "5 stars! The Realex Payments Application Security story is a gripping story of one ninja's journey through five years of application security. Do not miss!"
For more information, please visit: https://www.hackinparis.com/talk
Tags: securitytube, hacking, hackers, information security, convention, computer security, HIP13