While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate code vulnerabilities. In addition, security teams often don't have the bandwidth or expertise to teach development teams themselves. At the same time, existing training solutions are lengthy, generic, often just plain boring, and produce lackluster results.
How can organizations enable their development teams with the skills they need to code securely? Watch this VeraTalk where Veracode's director of developer relations Rey Bango will be digging into this developer security training conundrum. He'll cover:
• The security skills and know-how developers need today
• The types of security training that work
• The role of security champions
• How the security and development teams can work together to ensure code is created securely from the start