Article by Jean-Baptiste Aviat about security challenges when operating at scale. The author sat with some of the best app sec teams operating today, and he figured there was a lot we could learn from them. The goal was to understand the challenges and the way these teams are working.
An application security (app sec) team’s mission is to increase the security of the services developed by their company without impacting the velocity of other software teams.
The article covers:
- What’s an app sec team?
- The modern app sec team’s philosophy
- Trust your developers
- Staying in the loop with new software projects
- How modern app sec teams keep track of applications
- Common tools modern app sec teams use today
Author really felt that the companies that manage to achieve the best level of security while maintaining the ability to iterate on software quickly are the ones where the developer teams and the app sec teams are all aligned around their shared end goal: delivering value to the company.
[Read More]