Why Can't We Make Secure Software? - ERP Spain.com - España y América Latina

A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do and how to do it, and the situation becomes strained. This silo-filled, tension-laced situation, coupled with short deadlines and pressure from management, often leads to stress, anxiety and less-than-ideal reactions from developers and security people alike. This session will explain how job insecurities can be brought out by IT leadership decisions, and how this can lead to real-life vulnerabilities in software. This is not a talk about “feelings;” this is a talk about creating programs, governance and policies that ensure security throughout the entire SDLC. No more laying blame and pointing fingers, it’s time to put our egos aside and focus on building high-quality software that is secure. Application security expert Tanya Janca will explore the cause and effect of insecurities and other behavioral influencers and present several detailed and specific solutions that can be implemented at your own place of work, immediately. About the speaker: Tanya Janca, also known as SheHacksPurple, is the best-selling author of Alice and Bob Learn Application Security. She is the Director of Developer Relations and Community at Bright Security, as well as the founder of We Hack Purple, an online learning community that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over 25 years, won countless awards, and has been everywhere from public service to tech giants, writing software, leading communities, founding companies and “securing all the things.” She is an award-winning public speaker, active blogger and streamer, and has delivered hundreds of talks on six continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.