Maximizing for fixed vulnerabilities

Here we are, the rate of security breaches has accelerated dramatically. The security industry has become better at detecting vulnerabilities in almost every aspect, but that led to an inundating amount of noise. The game is changing, and its new name is maximizing for fixed vulnerabilities.

This talk starts by describing the root cause of security problem we are facing globally and why we are in the current position. We then further explore the challenges between eliminating existing security debt, and preventing new vulnerabilities from being introduced, while taking the opportunity to train developers. Each of the challenges will provide important observations about current security scanning techniques, their strengths and weaknesses. Finally, we’ll provide characteristics of effective AppSec programs to conclude the talk and equip the audience with all the information they need to make a positive change in their organizations.