

Empathy for the (Devel)oper: Lessons Learned Building An Application Security Module - Yolonda Smith NolaCon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)


Yolonda Smith

@ysmithND


Security teams spend a lot of time focused on the results and impact of what happens when applications FAIL at security. In turn, we have a bad habit of 'Monday-Morning-Quarterback'ing all the things that should have happened to prevent the security failure in the first place. But have you ever attempted to fully implement ALL of the security advice that's out there in conjunction with business priorities? Well, I did. In this presentation, I will share what I learned about what it takes to get application security right from design to delivery, how to communicate about REAL risk (without the FUD) and why we should eliminate the word 'just' from our remediation recommendations.



Yolonda Smith is a Lead Infosec Analyst with Target Corporation Business Information Security Office, aligned with the Digital portfolio. She provides security consultancy to developers and key stakeholders, ensuring Target's web and mobile applications are designed, developed and deployed with minimal risk to Target or its guests.

Prior to Target, Yolonda served in the United States Air Force as a Cyberspace Operations Officer with responsibilities including Mission Commander, where she planned and executed the first DoD Hunting Missions to Flight Commander, where her team developed and fielded the first and only malware neutralization capability for the Predator Drone Weapon System.



Recorded at NolaCon 2019





Copyright 2020, IronGeek