The mid-April breakfast seminar I am giving in Stockholm still has plenty of space. If you happen to know anyone who would benefit from attending, please let them know!
Calling all Swedes interested in software security. (Thanks for passing this on.)
I am giving two #swsec breakfast seminars back to back mid-April. If you are in Sweden, Norway or Finland, please consider coming. Pass it on to those who may be interested.
@seniorfrosk@cigitalgem it was called Reliable Software Technologies (rstcorp.com). We changed the name to cigital in 2001. 15 years later, we sold it to synopsys. It remains the main engine in the synopsys #swsec software integrity group which they are currently trying to sell.
Many of us in AppSec have been saying this for a while. Your developers are part of the cybersecurity workforce and must be trained that way in college.
"It is long overdue for academia to reconsider their role in producing a software developer workforce that enables increasingly damaging cyberattacks."
@phf@Weld Absolutely agree. I trained execs at Qualcomm in the Boardroom as well as all in-house lawyers on #swsec personally (way back when past the statute of limitations). Made a huge difference. (tagging @againsthimself)
@seniorfrosk oh I just retired, that's all. In my view the most important work in #swsec is being done by Irius Risk (threat modeling automation) and Legit Security (sw supply chain management).
I am reminded of the very early days of #swsec#appsec where all we did was talk about attacks. Penetrate and patch won’t work here in my view. We therefore need to focus on design by security versus red teaming.
The #MATCH webinar will begin in 5 minutes:
Machine learning #ML
Artificial intelligence #AI
Threat modeling #threatmodeling
Compliance
How the heck these link together #MLsec#swsec