Enterprise Application Security - Ge'S Approach To Solving Root Cause And Establishing A Center Of Excellence
No ratings
Presented at OWASP Appsec 2009 by
GE has established a holistic Application Security Program that seeks to detect, correct and prevent security defects throughout the application lifecycle. The program is focused on finding defects early in the development process and fixing the root cause through company-wide deployment of Guidance, Education, Tools and Metrics. The program's "Center or Excellence" has assessed several thousand applications across different GE business units and has observed, through metrics, a significant improvement in the security of the applications being deployed over the past several years. This presentation analyzes some of the critical success factors for this program and shares key performance indicators that demonstrate how these programs are making a difference in the overall security of source code.