Speaker
Description
In the presentation, we will share select experiences and observations collected throughout more than 20 years of code and infrastructure audits, pen-tests and teaching activities. We want to describe our best practices while improving the security of bespoke software solutions developed at PSNC and our partners within the GÉANT community – usually under tight time and resource constraints.
Then, we will summarise the experience gathered conducting classes for computer science students at PUT (Poznan University of Technology) and executing over a dozen Secure Coding Training (SCT) events for GÉANT. We will show why the Secure Development Life Cycle is important and how we can foster its adoption among junior staff, especially developers and, hopefully, senior management.
Finally, We will identify the gaps in the education of young generations and show how we can improve University curricula to match market expectations and arm the graduates with a more realistic perception of the contemporary threat landscape.
