Operating Models for Modern Software Security

At a high level, an operating model is composed of people, processes, and technologies. What does that look like for modern Software Security programs? Well… it depends!

Some considerations we’ll cover are:

• How do small, medium, and large organizations handle AppSec or CloudSec?
• Who owns, configures, and supports tools within the program, as well as define policies and standards to protect and secure the organization?
• What functions or responsibilities are needed to drive cultural adoption?
• What are ways to measure the effectiveness of security, development, and operations working together?
• Is it possible to standardize a model that’s flexible to enable and grow along with the business?

This is not a presentation, but rather a topic-focused discussion where we'll address these questions and more. Come and bring your opinions, or just listen and learn. It's always a great chat with great people!