Cultivating Security Skills Through Testing, Tools and Training

No ratings

Presented at CISOwashington 2014 by

Over the last five years, Thomson Reuters has built an application security testing program that trains developers to find and remediate flaws on their own — resulting in more than 250,000 flaws fixed since the program’s inception. Coupled with an e-learning initiative that has sent 7,500 developers, QA testers and architects through at least one of three increasingly technical stages, this low-cost strategy for growing skill sets has earned praise from employees and executives alike. In this session, Tim Mathias discusses Thomson Reuters’ future plans for leveraging investments in training and tool sets, and champions the effectiveness of a holistic approach to application security.