logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Stefania Chaplin
2021-09-24

tldr - powered by Generative AI

The presentation discusses the importance of embedding security at every stage of the development process and highlights the prevalence of human error in causing data breaches.
  • Developers spend only a small percentage of their time writing code, with the majority spent on debugging and fixing vulnerabilities.
  • There are over 125 vulnerabilities, with the top 21 accounting for 400 CWEs, including design vulnerabilities, SSRF, CSRF, and authentication.
  • Embedding security at every stage is crucial, including threat modeling, policies as code, peer reviews, and penetration testing.
  • Insufficient logging and monitoring is a significant issue, and incident response teams are essential in containing and mitigating the damage of a breach.
  • Human error is a prevalent cause of data breaches, accounting for 25% of all breaches in 2020.
  • Developers are motivated by features and functions, while security is focused on finding problems.