Application Security without rose colored glasses

  1. Application security without rose-colored glasses. From perspective of an infosecurity community member
  2. How we see software development
  3. How we see software developers
  4. How we think we work together
  5. How we think security controls are implemented
  6. But in reality it looks different…
  7. In reality software looks more like this
  8. How software is maintained
  9. How we see ourselves
  10. How we feel they see us
  11. How they really see us
  12. How we see policies
  13. How they see policies
  14. How they see our initiatives
  15. What we get in the end
  16. Where this leads to
  17. Why is this happening?
  18. #1. Communication vacuum. "We are sending this artifact to save their planet." Complete vacuum. "What is this? Where has it come from? What do we do with it?"
  19. #2. No balance between the desired result and effort needed to be spent in order to achieve it
  20. How to fix this?
  21. Communication is the key
      1. Eliminate vacuum in communications
      2. Get closer to target audience, talk to them, get their feedback
      3. Work together to ensure that the target is realistic to achieve and all necessary tools and resources are available
      4. Find balance between desired result and effort spent to achieve it – otherwise there will be no result at all
      5. Don’t stop when agreement is made and artifacts are produced. This is only the beginning
      6. Continuously analyze results of your work and try to find sources of any issues, adjust accordingly
  22. Policy maintenance is a continuous process (diagram labels: Policy Publication, Feedback, Analysis of Results, Policy Adjustments; Publication, Report to manager, Done)
  23. P.S.
  24. How they see me
  25. How I see myself
  26. Contact me: mikhail@samoylenko.me 10/10/2012
