Do you find yourself having trouble producing results at your company while you build your program from scratch? How long does it take to roll out your new processes, tool, or initiative?
When building out a product security program, we get excited about all the things related to our job. What sometimes happens is that we start many projects but have trouble pushing them to the finish line.
Whether you're a seasoned engineer that has practiced Agile or you don't know the difference between a Scrum and a sprint, this talk will help you start thinking about your product security projects in small, deliverable increments to help you produce value for your stakeholders.
No prior knowledge of Agile frameworks are required for this 100 level talk. Come with an open mind and leave with fresh ideas to help roll out your awesome tools and processes!
Michael Rossoni has a passion for Product Security, which he does for a large healthcare company while carrying over a decade and a half of software engineering experience. He's an electronics hobbyist, hardware hacker, and certified application security professional (GWEB, CSSLP) who voids warranties and breaks things to figure out how to make them better. He's been in the software engineering business professionally in a variety of roles, including product security (secure SDLC, tooling, code reviews, etc.), network-enabled embedded systems development, QA, and full stack development for both on premise and SaaS based solutions. He also plays role of sysadmin when necessary.
Event sponsored by Tech Collective.