Maginot Line – 6 Common AppSec Anti-Patterns Preventing your Success
Is your AppSec program stalled or is it failing to meet your expectations? You may be victim of some common anti-patterns or set of plans or strategies that are keeping you from reaching your goals. Are you achieving your goals/meeting your metrics but have a sinking suspicion that your ultimate goal of reducing your company’s risk isn’t being met? As the French learned in WWII, a partial defense is no defense at all.
During my time working with clients to build their application security programs there are # behaviors that I’ve seen repeated by a number of businesses. For some companies they have created strategies that were logical, but did not work in practice, others were unable to see the forest for the trees and created plans that were too myopic.
In this talk I will review the most common anti-patterns and suggest ways to make corrections for a more effective AppSec program.
What you will learn:
- Common AppSec anti-patterns
- Strategies to get it right
- I’ll just protect the critical apps
- What open source?
- Security Mandate
- AppSec team has to do it