OWASP Meeting in Krakow - Security in development lifecycle

Hi,

We are Polish chapter of OWASP - worldwide, non-profit organisation focused on application security issues.

Subject of our upcoming March meeting will be "Security in development lifecycle". How to achieve high quality, secure product without scarifying the "time to market"? What is more important - visible features or "transparent" security? How to convince all the team that they should commit to overall security of the code? What are the best security related initiatives that works in the real life?

If you are finding these questions relevant to your work or if you want to share your ideas for achieving secure applications - don't hesitate and join our meeting.

We have invited Monika Krysiak - QA specialist and product owner, to share her experience and ideas with introducing security into development process. Then we want you to share your ideas - what works and what not. How can we do something more than security testing at later stages of application development?

Agenda:

1. Smuggling Security Into a Software Project. A Guide for Cunning QAs (Monika Krysiak)
2. As Quality Assurance specialists, we are often overlooked in security processes. Developers might think of us as whiny negative Nancys but in reality, we have a lot of impact. After all, we won't allow releasing a defective product into production. I believe that QAs should start security testing and simple vulnerability assessment as the first line of defense. During my presentation, I'll show you how I've successfully done that in my past projects.
3. After the break, we will be hosting a discussion on strategies and best practices for embedding security into the entire development lifecycle. In today's fast-paced development environments, ensuring security isn't just about running tests or applying patches at the end of the cycle. It's about integrating security practices seamlessly into every phase of the software development lifecycle. This discussion will explore practical strategies, challenges, and success stories related to incorporating security from the early design stages to deployment and beyond. Let's brainstorm together on how we can foster a culture where security is everyone's responsibility, not just an afterthought.
4. There will be also a room for short lightning talks with discussion (typical format is 5-10 minute talk followed by 5-10 minute discussion). Please submit your ideas or just show up.
5. Job announcements. If you are an employer, there will be a chance to present who you are looking for.

Please RSVP and save the date!

If you have a minute, please share this invitation with friends and in your social media.