John Dickson - Can Application Security Training Make Developers Build Less Vulnerable Code

Description

From AppSecEU 2014 in Cambridge https://2014.appsec.eu/

This presentation shares the results of a yearlong survey of nearly 600 software developers that captures their knowledge of application security before and after formal training. The survey queries developers from various backgrounds and industries, to better understand their exposure to secure development concepts and to capture a baseline for post-training improvements. The session also includes the results of a "retest" of a subset of respondents, to identify how much security knowledge they retained after a specific length of time. The results were surprising, and include information every application risk manager should know, particularly those who rely on training as part of an application security strategy.

Speakers

John Dickson, Principal, Denim Group

John Dickson is a Principal at Denim Group, Ltd. and a CISSP who helps CSOs manage secure software initiatives. He is a Distinguished Fellow of ISSA and one of the civilian advisers to the Air Force Space Command, which organizes, trains and equips cyberspace forces to conduct network defense, attack and exploitation. Dickson is a former U.S. Air Force officer who specialized in network defense and command and control while on active duty and Air Force Reserves. He joined Denim Group after...

- Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project