0      0

(ISC)2 Security Congress 2022

SC22ST5 - Solutions Theater Presentation - What Developers Want! - For Application Security Training & Education - Sponsored by Security Compass

Oct 10, 2022 9:35am ‐ Oct 10, 2022 9:55am


Application security expertise is limited in organizations and it can be challenging to ensure development teams get the necessary training to build secure and compliant products. Innovative training techniques such as hands-on coding exercises, gamification and micro learning have gained popularity but are they effective? In this presentation we will share the results of a 2022 primary research study, customer interviews, as well as provide insights that reveal how developers educate themselves today and what they find most valuable from a training perspective. We will also introduce models of how organizations can help to optimize staff time spent on training while improving developer centric AppSec knowledge and building team culture through: Incentivizing and scaling industry-recognized certifications while delivering coding language and role-specific training to secure all stages of the SDLC Delivery of Just-in-Time contextual training that fits into developers' workflow Introducing trackable mechanisms to monitor the relationship between the granular dissemination of security knowledge to the reduction of product vulnerabilities and risk.

Learning Objectives:
  • Understand problems developers face with training & reference material
  • Understand the level of maturity and knowledge of security in developers
  • Assess the reception of developers to different techniques and formats
  • Distinguish the needs of the developer vs. business decision makers


You must be logged in and own this session in order to post comments.