We’re going to take a look at how we used to measure the security maturity of the software that development teams delivered.

There have been significant improvements in the information and tooling available recently, some new standards are emerging and starting to reflect this also.

In this talk Kim will: Revisit the past, what we as development teams had in our infosec arsenal, how confusing it was and how much manual work we were expected to do to measure up. A detailed look at what we have today, and what the future looks like as a software development team with security as a priority.

$ whoami⌗

Kim is the published author of many information security books specifically targeting Software Engineers, DevOps Engineers and Architects. He has hosted and been a guest on many podcasts involving information security, including being a host for Software Engineering Radio.

He has written over 100 blog posts covering software engineering and information security topics. Spoken at many international conferences and run many workshops helping Software Engineers understand and improve their information security.

Kim Pioneered the InfoSecNZ Slack. Served as the OWASP New Zealand Chapter Lead for Christchurch for eight years, and co-pioneered the Christchurch Hacker Conference. Kim continues to consult with Software Engineering Teams on a daily basis to improve their security, quality and reduce their time to delivery.