Application security expertise is limited in organizations and it can be challenging to ensure development teams get the necessary training to build secure and compliant products. Innovative training techniques such as hands-on coding exercises, gamification and micro learning have gained popularity but are they effective? In this presentation we will share the results of a 2022 primary research study, customer interviews, as well as provide insights that reveal how developers educate themselves today and what they find most valuable from a training perspective. We will also introduce models of how organizations can help to optimize staff time spent on training while improving developer centric AppSec knowledge and building team culture through: Incentivizing and scaling industry-recognized certifications while delivering coding language and role-specific training to secure all stages of the SDLC Delivery of Just-in-Time contextual training that fits into developers' workflow Introducing trackable mechanisms to monitor the relationship between the granular dissemination of security knowledge to the reduction of product vulnerabilities and risk.
Understand problems developers face with training & reference material
Understand the level of maturity and knowledge of security in developers
Assess the reception of developers to different techniques and formats
Distinguish the needs of the developer vs. business decision makers
How to Claim CPE for Recordings
Watch the entire video
Your viewing time will be tracked. Once at least 75% of the video has been viewed, click the "CE Information" tab underneath the video
Take the evaluation to earn credit. The evalution is required to earn credit for on-demand CPE.
Note, speeding up video playback may impact your ability to obtain CPE.