Pushing Left Like A Boss - Application Security Foundations

Discover essential application security foundations in this 23-minute conference talk from AppSec EU 2017. Learn about the concept of 'Pushing Left' in the Software Development Life Cycle (SDLC) and its importance in addressing security issues early. Explore various strategies to implement security measures throughout the development process, including vulnerability scanning, red team exercises, developer education programs, and bug bounties. Gain insights into the current state of penetration testing and incident response, and understand why focusing on prevention is crucial. Suitable for developers, operations professionals, dev-ops teams, AppSec newcomers, managers, and security professionals from other fields, this talk covers topics such as threat modeling, code testing, and practical approaches to integrate security into your development workflow.

Intro
What is 'Pushing Left'?
Current state Pen Testing
Pushing Left: The Main Course
Pushing Left: The Gravy
Pushing Left: The Dessert
Pushing Left: Testing Your Code
Pushing Left: Threat Modeling