Interop is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

2020 Programming

How is IT changing? What are the new technologies? How is my job changing?

At Interop Digital, we nurture every aspect of your career by offering content across all key technologies and stages of your career. Experience collaboration and innovation with the industry’s most thought after leaders.

Sign In Create Account Export | Need Help?
All Sessions Speakers My Schedule

Keeping Up With Security – Secure Software Development Life-Cycle

Priyanka Pant  (Vice President Software Engineering, Mastercard)

Date: Wednesday, October 7

Time: 11:00 am - 11:35 am

Pass Type: Certification + Conference, Training + Conference, Conference Only - Get your pass now!

Event Type: Session

Track: Security

Vault Recording: TBD

Audience Level: All

This session talks about an important aspect of digital transformation which includes application modernization techniques with Shift-left approach embedding security early in the Software Development Life Cycle (SDLC). It highlights the difference between quality and security showcasing DevSecOps practices in Continuous Integration/Delivery (CICD) lifecycle. We’ll cover the following during our 35-minutes:

  • Importance of security tools In Ci-CD pipeline for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), Fuzz, Penetration, Resiliency Testing etc. is well explained.
  • Concepts like Behavior Driven Development, Test Driven Development, Threat Modeling, Vulnerability Scans, Security Champions, Secure Code Reviews and how they fit in with secure agile practices are also covered.
  • It takes a deep dive and illustrates examples of Threat Modeling methodologies.
  • Provides guidelines on building secure software with Encryption, Data Protection, Authentication Management, Input Validation, Traffic Controls and protection against security threats.
  • Brings to light dangerous, insecure code that should be rejected during code reviews.