Security and reliability are foundational business needs, and focusing on them early can paradoxically accelerate the entire delivery lifecycle.
Security tools should be designed to preserve developer flow and minimize context switching to avoid making daily work miserable.
Security can be integrated at multiple stages, from initial project design and coding to the pre-commit and code review phases.
Static analysis tools scan source code, infrastructure as code, containers, and dependencies to find vulnerabilities before the code is run.
Dynamic analysis tests running systems through techniques like web application scanning, API fuzzing, and overload testing to find runtime vulnerabilities.
Shifting security responsibilities to developers helps the typically smaller AppSec team scale and focus on systemic architectural problems.
The future of security involves AI-powered remediation and consolidated development platforms that embed security policies for the entire organization.
Modern security tools must be accurate to avoid false positives, provide context, and offer automated remediation to be truly effective.
Bitpanda
Vienna, Austria
21:53Isaac Evans
29:50Kevin Lewis
08:27Mia Neethling
23:34Stefania Chaplin
27:32Jasmin Azemović
27:36Tino Sokic
28:30Amir Friedman, Martin Reynolds & Yair Etziony
25:28Joseph Katsioloudes
Jobs that call for the skills explored in this talk.
SAP AG
Berlin, Germany
Abnormal AI, Inc.
Bridge 351
Evere, Belgium
Pipedrive
Berlin, Germany
Punk Security Ltd.
United Software Group, Inc.
Jersey City, United States of America
