Full-Service IT Staffing and Managed Projects: Contact us today to see how we can help!Get in touch

QASIG Meeting: September 13, 2017, 6PM

Join us at our headquarters for the next QASIG meeting on September 13th at 6 PM. As always, we’ll have pizza and beverages at 6 with the program starting at 6:30.

Register at the QASIG site: http://www.qasig.org/events/september-qasig-meeting/

Building a Collaborative and Social Application Security Program

Presented by: Joe Basirico, Security Innovation, VP of Professional Services

In today’s environment, there is no arguing that a comprehensive secure development process is necessary. Fitting tools, technology, and security reviews into our current development cycle has become table stakes for companies building the software of tomorrow.

Breaking the “find and fix” vulnerability based assessment cycle so that software is developed with security in mind from start to finish is critically important, but doing this without leveraging a collaborative and social security program that leverages bug bounty programs, security researchers, and every aspect of vulnerability disclosure misses a huge opportunity. In this talk, I will explore how your security program can reach beyond the Secure SDLC.

About our speaker:  As the VP of Services, Joe is responsible for leading the Professional Services business at Security Innovation. He leverages his unique experience as a development lead, trainer, researcher, and test engineer to direct the security consulting team in the delivery of high-quality, impactful risk and software assessment and remediation solutions to the company’s customers. His ability to blend deep technical skills with risk-based business and compliance analysis is a powerful combination.

Joe has spent his career analyzing application behavior with respect to security. He has researched how software development organizations mature over time from a security perspective. Through this research, he has developed an understanding of application threats, tools, and methodologies that assist in the discovery and removal of security problems both software and process related.

Spread the word. Share this post!

Leave A Reply

Your email address will not be published. Required fields are marked *

UA-571360-1