AI Assisted Decision Making of Security Review Needs for New Features
SDLC has evolved from the decade-old definition by Microsoft to Agile transformation and is finally trying to catch up with cloud development velocity. While the process is well understood in the industry, the execution varies a lot. How many times has it happened that we discovered a feature with security impact at the time it is getting shipped, or when a customer raises a concern and it is escalated to the security team, or, in the worst-case scenario, when there is a security incident? We end up asking how this feature shipped in the blind spot of the security team. Organizations have tried to solve this problem by adding more people to SDLC teams, adding Security Champions and Advocates in development orgs, and adding lengthy questionnaires which developers love to

By: Mrityunjay Gautam, Pavan Kolachoor