Come join us at iHub on the 18th of July as we host Glenn Ten Cate, the ING Security Chapter leader at ING Belgium, for this talk.
Where do we find the right balance between security test automation and manual verification? How do we train developers to understand the metrics and make security part of their process and culture? This could be achieved by setting up an (S)SDLC, but what does a good (S)SDLC consist of?
This talk will guide everybody from big corporations like banks or government to the enthusiastic developer willing to take the maturity of their security in software development to a higher level.
Glenn has over 15 years of experience in the field of security as a coder, hacker, speaker, trainer and security researcher, and is employed at ING bank in Belgium as the Security Manager. He is one of the founders of defensive development def[dev]eu, a security training series dedicated to helping you build and maintain secure software, and has also spoken at multiple other security conferences around the world. Glenn is also one of the founders of Contrahack.io, a security consultancy company located in Kenya that offers manual penetration testing, code audits, automated vulnerability scanning, social engineering and many more security consultancy services, and has experience with Government, Healthcare, Military, Banks and others in the industry. Not only does Glenn train developers, he and his brother Riccardo also developed, through OWASP, an entire open-source knowledge framework solely dedicated to helping developers make their code secure by design. See: SKF (Security Knowledge Framework). Glenn also has expertise in implementing security test automation in CI/CD pipelines. This helps create short feedback loops back to the developer and, during an early phase of the development lifecycle, prevents bugs from getting into production.