VP, Security Architecture at Intralinks
Mushegh Hakhinian has been managing security initiatives for over a decade. He leads the security architecture practice at IntraLinks, a global fintech provider of inter-enterprise content management and collaboration solutions. He is a Certified Information Systems Security Professional, and is a frequent contributor to the IntraLinks security blog as well as industry publications. Prior to joining IntraLinks, Mr. Hakhinian lead security functions at a multi-tenant online banking service provider and an international bank. He had presented at several security conferences, such as the RSA Conference USA, Cloud Security Alliance Congress and InfoSecurity London.
Building application security with 0 money down
In this presentation we will share our experience in building application security process from the grounds up.
Secure development lifecycle models are well publicized. They seem to be self-explanatory on what needs to be done: threat modeling, composition analysis, static code analysis etc.
But we found out that knowing which steps to take and in which order affect immensely the time to eventually successful implementation. Early understanding and buy-in from both engineering management and engineers are invaluable. Last, but not least – carefully planning investments along the way is a major contributor to early successes.
Participants will learn:
– how to insert security checks into important stages of development lifecycle.
– most importantly – in what order introduce the security checks in the process to avoid distractions and maintain agility.
– what open source tools are available to minimize initial costs and get value from day one.
– how establish priorities for investments in tools and training
We will conclude the session with a demo of one of the tools. It is very important to have robust application security process, and though path to full implementation will be specific to each organization – knowing some common traits beforehand will assure the eventual success.