Stefania Chaplin
Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
#1 about 3 minutes
Understanding the recurring bug cycle and its impact
Recurring vulnerabilities like SQL injection create a cycle of context switching and developer burnout that goes beyond the OWASP Top 10.
#2 about 3 minutes
Breaking down silos between developers, security, and operations
Misaligned KPIs and communication gaps between developers, security, and operations teams can be bridged by creating a culture of security champions.
#3 about 6 minutes
Integrating security tools into the developer workflow
Empower developers with free OWASP tools like ZAP and dependency checkers, and integrate automated scanning and just-in-time training directly into the CI/CD pipeline.
#4 about 2 minutes
Sharpening the saw with personal well-being and learning
Applying the "sharpen the saw" principle through continuous learning and maintaining personal balance helps prevent burnout and improves developer flow.
#5 about 2 minutes
Key strategies for building a secure code culture
Build a stronger security posture by prioritizing time to learn, addressing technical debt, adopting an empathetic approach, and using OWASP resources.
#6 about 1 minute
Transitioning from a developer to a security role
To move from development to security, start internal conversations, join a security champion program, and explore your company's specific security priorities.
#7 about 1 minute
Finding resources for continuous security learning
Beyond the OWASP Top 10, developers can learn security through internal hackathons, online platforms, community meetups, and exploring red team versus blue team concepts.