This is a post with all of the links and additional materials for a talk with Microsoft’s Ryan McDonald at RSAC 2025 titled Scaling AppSec With an SDLC for Citizen Development.

Abstract:

AppSec programs are difficult, filled with vulnerabilities. Overloaded staff and inadequate budget. The era of Citizen Development where non-IT folks develop code, often using LCNC tools, brings new challenges. The traditional approach of narrow scope and focus on crown jewels will no longer work. This session will reveal a solution to address increasing the scope to result in program remediation.

Resources

Reply

Avatar

or to participate

Keep Reading