Software Security: Keeping Pace with Rapid Development

Explore a comprehensive conference talk on software security in the era of rapid development. Learn about the challenges of maintaining robust security practices amidst accelerated software delivery methods like microservices, agile development, CI/CD, and containerization. Discover the essential components of an effective software security assurance program that can scale with growing software complexity and shorter delivery times. Gain insights into the Software Assurance Maturity Model, strategies for addressing skill gaps, managing increased attack surfaces, and collaborating with external security teams. Understand the importance of documentation, communication, and third-party reviews in maintaining security standards while keeping pace with modern development speeds.

Introduction
Speed of development
Activities
Software Assurance maturity model
How can security keep up
Documentation and communication
Solving for the skill gap
Dealing with increased surface area
QA
Evidence
Thirdparty reviews
Working with external security teams