Last week we witnessed a milestone for the FinDevSecOps community: our first DevSecOps hackathon. It was a powerful step forward in reshaping the way we approach secure software development for FinTech.
Denis Makrushin
Denis Makrushin
Denis is chief technology officer of cybersecurity product line at telecommunications company. He is responsible for product development, defining technology strategy and driving future technical innovation.
Last year we met in Serbia. This time the amazing place can be described in three words: hot, wet, bright.
If you ask a product security engineer, what is the main entry point for an organization’s adversary to gain access to their crown jewels, he would answer: “a human.” He most likely means those employees with a low level of security awareness. In today’s reality, security engineers are the guards of employees’ security-related code of conduct. But who guards the guards?
Based on real scenarios of supply chain attacks, we’ve performed for various software developing companies, we demonstrated the weakest points of the “Agile Security” paradigm in software development lifecycle and redefine Code of Conduct for product security.
The research is presented at OWASP Israel.