Michael Wildpaner
Why Security-First Development Helps You Ship Better Software Faster
#1about 4 minutes
The paradox of security and development speed
Security and reliability are foundational business needs, and focusing on them early can paradoxically accelerate the entire delivery lifecycle.
#2about 2 minutes
Optimizing for developer flow and experience
Security tools should be designed to preserve developer flow and minimize context switching to avoid making daily work miserable.
#3about 3 minutes
Integrating security across the development lifecycle
Security can be integrated at multiple stages, from initial project design and coding to the pre-commit and code review phases.
#4about 3 minutes
Understanding static analysis security testing (SAST)
Static analysis tools scan source code, infrastructure as code, containers, and dependencies to find vulnerabilities before the code is run.
#5about 4 minutes
Exploring dynamic analysis security testing (DAST)
Dynamic analysis tests running systems through techniques like web application scanning, API fuzzing, and overload testing to find runtime vulnerabilities.
#6about 3 minutes
Scaling AppSec teams by empowering developers
Shifting security responsibilities to developers helps the typically smaller AppSec team scale and focus on systemic architectural problems.
#7about 2 minutes
Future trends including AI and platform consolidation
The future of security involves AI-powered remediation and consolidated development platforms that embed security policies for the entire organization.
#8about 2 minutes
Key requirements for effective security tools
Modern security tools must be accurate to avoid false positives, provide context, and offer automated remediation to be truly effective.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
04:46 MIN
Shifting security testing left in the development lifecycle
Vue3 practical development
05:33 MIN
Integrating security earlier in the development lifecycle
Vulnerable VS Code extensions are now at your front door
42:21 MIN
The modern DevSecOps approach to application security
Maturity assessment for technicians or how I learned to love OWASP SAMM
03:58 MIN
Why security must be integrated from the start
DevSecOps: Security in DevOps
02:55 MIN
Why security is often neglected in development
Security in modern Web Applications - OWASP to the rescue!
11:13 MIN
Hardening the CI/CD pipeline with automated security tools
You can’t hack what you can’t see
00:09 MIN
The evolution from traditional security to DevSecOps
DevSecOps culture
07:31 MIN
Balancing developer and stakeholder security priorities
What The Hack is Web App Sec?
Featured Partners
Related Videos
21:53Simple Steps to Kill DevSec without Giving Up on Security
Isaac Evans
29:50Real-World Security for Busy Developers
Kevin Lewis
08:27Get security done: streamlining application security with Aikido
Mia Neethling
23:34Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
Stefania Chaplin
27:32Security Pitfalls for Software Engineers
Jasmin Azemović
28:30Empowering Developer Innovation - Balancing Speed, Security, and Scale
Amir Friedman, Martin Reynolds & Yair Etziony
25:28How GitHub secures open source
Joseph Katsioloudes
27:36Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?
Tino Sokic
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
{"@context":"https://schema.org/","@type":"JobPosting","title":"Software Engineer 2 - Full-Stack - Behavioral Security Products
Abnormal AI
Intermediate
Apache Kafka
DevSecOps Engineer Jr-Mid | Remote | *Attention - developers with a passion for security*
Punk Security Ltd.
Remote
€30-40K
Junior
Docker
Node.js
Kubernetes
+1
DevOps Security Engineer with Golang Development Focus
SAP AG
Sankt Leon-Rot, Germany
Junior
DevOps
Puppet
Docker
Ansible
Terraform
+2