
PDUG Meetup. SSDL for managers: how to move the team to secure development without shooting yourself in the foot



Security is becoming the most important component of software quality. However, the traditional development process does not always make it possible to build secure applications from scratch, and eliminating vulnerabilities in finished software takes serious time and money. Embedding the Secure Software Development Lifecycle (SSDL) into the overall software development cycle comes to the rescue. A number of techniques already exist and real cases have accumulated, but there is no comprehensive guide that would guarantee a successful transition to SSDL.

So how do you introduce SSDL practices without losing control of the situation? What should you do yourself, and what should you teach your specialists?

These and other issues can be discussed on November 25 at the Microsoft Technology Center, where PDUG Meetup: SSDL for Management will take place. It is a meeting for R&D and information security managers who manage large projects and development teams.

The event will be devoted to the exchange of real-world experience in implementing SSDL practices. During the talks and open discussion, many sensitive topics will be covered: resource planning; organizational measures before, during and after implementation; problems of controlling changes and evaluating the effectiveness of SSDL projects; and communication and motivational difficulties.

The program of the meeting includes talks by Valery Boronin, head of solutions for building the secure development process at Positive Technologies, and Stas Pavlov, technical evangelist at Microsoft.

In addition, the meeting will feature case studies on building a secure development process using Microsoft TFS and PT Application Inspector SSDL Edition tools for analyzing the security of web applications.

The event is free, but the number of seats is limited. To participate, apply.

Source: https://habr.com/ru/post/315840/

