Building Security into the Software Development Lifecycle
Tuesday April 11th, 2005 5:30-8:00 PM
Hartford Technology Services Company
"Best Practices for Risk Assessment and Secure Deployment"
Nick Vennaro, AegisSecurityWorks
In the software development process, security is often left to the end: first we make it work; then we make it perform; and lastly we make it secure. Building security into the application is far cheaper and more efficient, and ultimately better control is achieved, if security is addressed throughout the entire project lifecycle.
This presentation is about making systemic changes to ensure that security is built into the SDLC (software development life-cycle) process. The focus will be on specific methods that can be employed to modify your requirements gathering efforts, development practices, governance models, and QA processes to be sure that security requirements are being addressed early and often. Changing the development structure by using design patterns, quality review procedures, tools, and governance models will be discussed. You will learn how other companies, Fortune 100 as well as .coms, have successfully addressed these issues. In addition, you will gain specific tips on what security requirements should be included in this new development structure.
This topic should be of interest to Developers, Architects, and Managers who want to be proactive in meeting escalating security requirements, including compliance practices mandated by recent state and federal laws.
Nick Vennaro is the Chief Security Architect at AegisSecurityWorks. Nick has over 20 years of software engineering, project leadership, and security experience. Nick has worked on major technology projects in North America and Western Europe for some of the largest companies in the world. ASW is Nick's second entrepreneurial effort; his first company was sold in 1999. Nick has a master's degree in Computer Science, an MBA in finance and an undergraduate degree in genetics. He can be reached at nxv at AegisSecurityWorks dot (com).
Raffles
 