Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Join us at AppSec California 2014!


AppSec California is the first of hopefully many annual conferences hosted by all of the California chapters. Join us on the beaches of Santa Monica which is closest to our Los Angeles Chapter. Space is limited to around 200 attendees so be sure to get your ticket before we sell out!

Come a little early or stay the rest of the week; however you enjoy it, the weather is likely going to be warmer than where you are. Enjoy the Santa Monica pier and downtown area or explore the surrounding cities. You probably have a client or 10 near by too so say hello to them too.

Stay tuned as activities around the event are updated and more speakers are added to the lineup. A schedule will come at some point.


Register today! 
View analytic
Monday, January 27 • 1:45pm - 2:45pm
Can AppSec Training Really Make a Smarter Developer?

Sign up or log in to save this to your schedule and see who's attending!

Most application risk managers agree that training software developers to understand security concepts can be an important part of any software security program. Couple that with the Payment Card Industry, who mandate that developers should have training in secure coding techniques as laid out in their Data Security Standard. Yet others call developer training "compliance-ware," a necessary evil and a tax on software development in the enterprise.
This presentation shares the results of a yearlong survey of nearly 1,000 software developers that captures their knowledge of application security before and after formal training. The survey queries developers from various backgrounds and industries, to better understand their exposure to secure development concepts and to capture a baseline for post-training improvements. The session also includes the results of a "retest" of a subset of respondents, to identify how much security knowledge they retained after a specific length of time. The results were surprising, and include information every application risk manager should know, particularly those who rely on training as part of an application security strategy.

Speakers
avatar for John Dickson

John Dickson

Principal, Denim Group
John Dickson is a Principal at Denim Group, Ltd. and a CISSP who helps CSOs manage secure software initiatives. He is a Distinguished Fellow of ISSA and one of the civilian advisers to the Air Force Space Command, which organizes, trains and equips cyberspace forces to conduct network defense, attack and exploitation. Dickson is a former U.S. Air Force officer who specialized in network defense and command and control while on active duty and Air... Read More →


Monday January 27, 2014 1:45pm - 2:45pm
Track 3

Attendees (1)