Why Can’t We Be Friends? Building Relationships with Developers to Improve Application Security
Security Engineers don't trust developers, and developers seem to only hear 'no' from security teams. This talk will discuss how to bridge the gap in understanding between software developers and security professionals, and will outline practical tips for building relationships and trust. The speaker will give relatable stories from past experience as both a software developer and a security engineer, along with specific takeaways for how to turn even the most skeptical software developers into enthusiastic champions of security.
Melodie got her start in Information Security after several years as a software developer in the regulated environments of FinTech and Healthcare, where her interest in Application Security continued to grow. After continued frustrations with Security teams blocking her development teams from meeting deliverable deadlines, Melodie decided she could contribute to bridging the gap between traditional Security and Agile software development teams.
Melodie works as an Application Security Engineer at Pendo.io, a Raleigh software startup, and is a regular participant of local InfoSec conferences and CTF competitions.