ConfPad

This talk is focused on understanding the malicious user and the not-so-malicious, but ever-present, human error. We will review how to embed stress testing throughout the development lifecycle, and more importantly how to know if you have an effective tester. We will talk about common issues found in my experience, along with different approaches you can take to change the behaviours of your development team. Security and privacy by design are not simply done, it takes motivation across the organisation, and knowledge on where to start. My hope is that following this talk, you will not only be able to identify where to start but also how to continue to grow in your secure development lifecycle.