While we as security professionals are busy building our product/application security programs based on our own experiences and goals, have we taken the time to learn about the needs/wants/challenges of the software developers whom it will affect?
Let's practice some empathy and really dive into the mind of developers by directly learning from attendees who are developers, examining the past experiences of those who were developers, and taking some time to understand their perspective. Based on this, we'll determine what changes, if any, we need to make to our programs.
Our open conversation format could take us anywhere, but here are some questions we'll likely address:
What is it like being a developer?
What do developers care about?
How can security teams work more effectively with developers?
How can developers work more effectively with security teams?
What are the goals and needs of both sides?
Be sure to invite your developer friends and let's learn from them!
Note: this is not a lecture/talk, but rather an open discussion driven by your own experiences and insights. Come share your knowledge and opinions, or just listen and learn, while we work together to come up with solutions that improve the software security landscape of our companies.
We do not record our sessions and follow Chatham House Rules in order to protect the privacy, identity, and reputation of our participants while encouraging open and honest conversation.
Colorado = Security
Check out our resources in the navigation bar.