« All Events

  • This event has passed.

AppSec Awareness Best Practices for Developer Training Programs

September 15, 2020 @ 11:00 am - 12:00 pm

Who says you can’t train and game at the same time?!
Checkmarx “TechTalk”
| September 15, 2020

Almost ALL research shows the origin of application attacks point to the lack of secure coding education, training, awareness, and skills. In fact, 70 percent of developers indicate they lack the necessary training to adequately secure the software they develop.

The facts show:

There are 22M software developers around the world (from Evans Data)

90% of security incidents result from defects in the design or code (from DHS)

21% of data breaches are the result of software vulnerabilities (from Verizon)

1 in 3 of newly scanned applications had SQL injection vulnerabilities over the past 5 years (from Cisco)

And there is a 100 to 1 ratio of developers as compared to application security personnel (from SANS institute)

Therefore, the best place to start is with the developers themselves!

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.