- Risk-based approach is the goal
- Align to the business strategy's 2-5 year direction with leadership buy-in; tactical steps can be taken to adapt
- Need for measurable results via metrics
- Focus on IT weaknesses specific to organization
- Unique challenges but same approach can apply
- Find your application influencers
- It's a marathon not a sprint
- Remediation consideration for compliance and allowance for steady state before validation
- Remember appsec capabilities including stocking up on your tool belt
- Considerations: app assessment compliance/design | Threat modeling | Attack and Pen | Secure dev training | Full integration and security toll-gates in SDLC | Vendor risk management concept
spotlight with Rich (Latayan360@Outlook.com) - espresso to Security Business Leadership - splash of key note speaker @CISOmd
Friday, January 29, 2016
AppSec gap continues to be theory vs practice - preso
ISACA Chicago presentation on application security identifies focus areas: