Enterprise Application Risk Profiling
A talk on application risk profiling on an enterprise scale (an OWASP SAMM activity - https://owaspsamm.org/model/design/threat-assessment/stream-a/). I will discuss digital transformation in the enterprise, how it impacts cloud native applications developed using agile methodologies and as a result, an oscillating application risk rating, which then triggers prioritized security-related activities by application security engineers.
Key topics will include:
Creating a baseline application risk profile
Dynamic characteristics of application risk factors
Significant changes that trigger security reviews
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Learn more about Snyk http://bit.ly/snyk-io