Pragmatic Approaches to Building Secure Software

In these times of first-to-market pressure, software quality attributes such as security take a back seat. Hacking incidents are on the rise, an indication that vulnerable software is being shipped. Software deployed in the cloud adds yet another degree of exposure and includes the platform as a vulnerability, not to mention the vulnerabilities of generative AI.

Come join a group of security professionals in a lively panel discussion on the common-sense practices that yield secure software. This will be a broad discussion of the secure software development life cycle, including shift-left processes, vulnerability testing, test tools, and post-deployment activities. The panel will also emphasize the importance of the deployment environment. The panelists bring a wealth of experience to the table.

Moderator: Bhushan Gupta, PNSQC

Bhushan Gupta has been associated with PNSQC since 1999. After spending 10 years in academia, he spent 20 years in the high-tech industry as a software developer, quality engineer, productivity manager, and process improvement lead. At present, he is a Web Application Security researcher, speaks at international trade conferences, and leads workshops in best practices for secure web application development. You can find more about Bhushan at bgupta.com.


Panelist: Brian Myers

Brian Myers (PhD, CISSP, CCSK) worked on software development teams for over 20 years before moving to information security. He helped build software at companies such as Borland, Netscape, and WebMD Health Services. While at WebMD, he moved into security and became the company's Information Security Director and HIPAA Security Officer. Subsequently, he started the first application security team at WorkBoard, a hypergrowth Silicon Valley startup, and then joined Leviathan Security Group as a Senior Security Advisor. Currently, Brian works independently under the name SafetyLight LLC, helping software businesses in the US and Canada establish effective and compliant information security programs.

Panelist: Timothy D. Morgan