Secure Software Development: Principles and Practice

When: Monday, October 9, 2017
Where: PGH 563
Time: 11:00 AM – 12:30 PM

Speaker: Wendy Istvanick, ThoughtWorks

Host: Dr. Omprakash Gnawali

Security breaches are becoming more commonplace in today's world. One time security reviews just prior to release and static code analysis don't catch all critical vulnerabilities. Capturing them on a continuous basis as code is written forces us to think about how to secure the applications we are building from the start rather than waiting until the end. Following an Agile software process and incorporating these checks into our Continuous Delivery practices enables this. I cover how to incorporate a number of tools, available for multiple languages that facilitate the development of secure software.

Bio:

Wendy Istvanick has been a developer with ThoughtWorks for over 20 years and has enjoyed solving technical problems and making people happy along the way. She also loves to travel. So life as a consultant has been great, giving her many chances to enable solutions while
 living in places she never would have dreamed of living while growing up, including Brazil, France, India, and Zambia. In addition to coding on many projects she has had the opportunity to facilitate training both internal to ThoughtWorks and at client sites over the years thus being able to share her craft with others. Most recently this includes delivering application security training to consultants around the globe, including training other trainers to deliver the same material.