Accelerated AppSec – Hacking your Product Security Programme for Velocity and Value

Building a better programme using positive practices and tools

Contents

Course Content

Back to top ↑

The course can be tailored to specific audiences or use cases. It has a set of standard topics which are covered and other topics which may be included.

Be ready to leave the course with clear strategies and ideas on how to build a valuable product security programme with strong engineering support.

Summary of standard topics covered

Back to top ↑

In this one-of-a-kind course, you will learn how you can bridge the gap with engineering to build a valuable software security programme with topics including:

  • Getting buy-in and support from senior engineering and product leadership.
  • Understanding developer workflows and how to include security activities in a way that fits.
  • Becoming familiar with modern CI/CD processes and the security benefit they can bring.
  • Prioritising efforts and initiatives to bring the most software security value.
  • Driving a positive software security culture within the engineering team.
  • Creating processes around tools which fit your business and maximize your impact.
  • Customising and optimising tools to solve the most relevant problems for you.
  • Measuring your progress and demonstrating your value and improvement.
  • How to triage vulnerabilities effectively and focus on fixing what matters.
  • Techniques for various alternative forms of remediation.

Exercises

Back to top ↑

To bring the course to life and let you apply what you learn, you will work in teams (or individually if you prefer) on table-top exercises which simulate a variety of real challenges and situations which you might come across when building a software security program. These exercises are based on our highly successful model from previous courses and give you the opportunity to plan your approach and also explain and justify your decisions to simulated stakeholders.

To support your work on the exercises, you will receive copies of our in-house developed worksheets and tools that we use with development organisations to focus on what matters. You can then take these back with you and customise them for your own organisations.

Let's speak about this!

Back to Our Training