logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Clara Andress
2022-11-17

Cyber Security has many diverse fields within it, from helping engineers learn secure coding principles to securing networks and hosts. By the end of this talk, you will understand the differences between some of these paths, how to leverage existing skills, and how to level up and learn new skills to help you on the road to becoming a cyber security professional.
Authors: Stefania Chaplin
2021-09-24

tldr - powered by Generative AI

The presentation discusses the importance of embedding security at every stage of the development process and highlights the prevalence of human error in causing data breaches.
  • Developers spend only a small percentage of their time writing code, with the majority spent on debugging and fixing vulnerabilities.
  • There are over 125 vulnerabilities, with the top 21 accounting for 400 CWEs, including design vulnerabilities, SSRF, CSRF, and authentication.
  • Embedding security at every stage is crucial, including threat modeling, policies as code, peer reviews, and penetration testing.
  • Insufficient logging and monitoring is a significant issue, and incident response teams are essential in containing and mitigating the damage of a breach.
  • Human error is a prevalent cause of data breaches, accounting for 25% of all breaches in 2020.
  • Developers are motivated by features and functions, while security is focused on finding problems.