Delivery and Deployment

VSH15 Pushing Left Like a Boss: Application Security Foundation


2:30pm - 3:45pm

Level: Intermediate

Tanya Janca



With incident response and penetration testing currently receiving most of our application security dollars, it would appear that industry has decided to treat the symptom instead of the disease. “Pushing left” refers to starting security earlier in the SDLC; addressing the problem throughout the process. From scanning your code with a vulnerability scanner to red team exercises, developer education programs and bug bounties, this talk will show you how to ‘push left', like a boss.

You will learn:

  • What application security (AppSec) is and why it matters
  • What each common AppSec activities is, how it works and when to do it
  • What you as an attendee can do to “push left” and be a part of application security, immediately after the talk is over