Ever since the Melissa virus struck the world in 1999 Gustav has a had an interest in software security. He started out investigating security architectures for web-based CRM-systems as a software engineer and than continued with pioneering work on Agile security engineering as a researcher at KTH and the Swedish Insitute of Computer Science in Stockholm. Work that he has since applied practically when working as a consultant and teacher in application security and Agile software development. He now works as an Agile software consultant at Crisp in Sweden and has been a speaker on XP/Agile Universe, ICSE and Agile Prague.
Securely dispose of your waste – Security in your process
Having a secure product is not something most users consider optional, yet still in this day and age, most development teams develop software with marginal knowledge about security. This leads to huge amounts of waste when security bugs surface before release, or even worse, get exploited. In many cases it can even drive the company out of business. On the other hand many teams feel hampered by too rigorous security processes that can slow down the delivery of new features. There is a need for more pragmatic, agile security. In this talk we present practical ways of dealing with security in your product that harmonize with modern development while at the same time integrating crucial security engineering activities to ensure that security is Built-In from the start.