SDLC - How we can improve security in our development by making it an integrated part of the development process. Today we use a large variety of tools for improving our development experience and process. We have unit tests to make sure our code performs like we intend. Code reviews for sharing knowledge and catching bugs. We use automated deployment to ensure that what we build is what we deliver, and we can package this with containers. With all these things in our pipelines, we have a strong foundation for adding security to our development process without having to radically restructure how we work.
Have you seen a fire breathing dragon dual wield My little pony figurines? How about an IT Security employee with a burning passion for keeping users safe and security fun? Siren Hofvander delivers on the latter and strives for the former in her daily job as CSO for Docly - responsible for the security of not only the patient data but also the service itself. She is an expert of embedded security and specialises in building security into the SDLC and firmly believes that security is a task for everyone, not just the hacker elite. She also heads up the Malmö based IT Security group SecuriTea and is an avid forum contributor.