Security reviews and assessments can take a lot of effort and still not provide the results you are looking for, especially in the face of ever-expanding web portfolios and supply chain risk. Application security teams are already stretched thin. But doing automation right and knowing where and what to look for can save you time and money - and make your organization more secure. HackerOne - curator of the world’s largest ethical hacker community - and PortSwigger - creators of Burp Suite, the world’s leading toolkit for web security testing - bring you key learnings that will help you develop best practices and ensure you’re getting the most from your investments in web security.
This workshop will provide tips from two perspectives: Leanne Shapton - application security engineer at Shopify and Joel Noguera, white hat ethical hacker. Topics include:
- Shopify’s approach to incorporate security into product review processes to support the development of their app-store and marketplace
- How automated vulnerability scanning complements penetration testing, bug bounty programmes and other security processes
- Advice for how security teams can partner with software developers
- How to balance automation with human intuition
- How to identify weaknesses faster to spend more time on what matters
If you have any questions, please email firstname.lastname@example.org.