The DevOps Movement has won, and all too often, left security wondering what our role is in the new world. Effective collaboration requires new skills, new approaches, and a new speed. We'll look at all three, how security can collaborate, how we can engage before a line of code has been written, and how we can benefit from the directions the world is going.


Adam Shostack
Shostack & Associates
President

I'm an entrepreneur, technologist, author and game designer, focused on improving security outcomes for my customers and the industry as a whole. To solve these problems, I create a wide variety of companies and organizations, software, new analytic frameworks, as well as books, games and other forms of communication. I've built these at tiny startups and at Microsoft.

In my time at Microsoft, I focused on human factors in security, including usable security and measuring how our customers' computers are compromised. I also worked on threat modeling tools and techniques, and have shipped two tools (one software, one a card game) to help software engineers analyze their software designs for security flaws. In that role, I was a key driver for Microsoft's Software Development Lifecycle.

I'm the author of Threat Modeling: Designing for Security (Wiley, 2014) and the co-author of The New School of Information Security (Addison-Wesley, 2008).

-

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...