AppSec: From Mail to E-Government Portals
Moderator: Yury Gordeyev
The SDLC issue stormed into the information security industry of Russia — quickly, unexpectedly, and irrevocably. Today many of us speak about secured development, static and dynamic analysis, and developers training. Some touch upon this issue because it has become very topical. Some deal with it because it has been included into the regulative documents of FSTEK or because of serious concern about their software security and resistance to targeted or random attacks. What is a correct systems development life cycle (SDLC)? What components is it composed of? How to automate this task? What rocks are hidden? What are the best practices of the world's famous companies? All these questions will be covered by the specialists of the companies known in Russia and other countries.
Mushtaq Ahmed, security manager, Emirates (UAE)
Vineet Bhatia, security manager, Emirates (UAE)
Rohit Ambosta, CISO at Financial Technologies (India)
Ilya Sachkov, Head of Group-IB (Russia)
Vladimir Dubrovin, Head of the Testing Team, Mail.Ru (Russia)
Anna Armarchuk, Yandex.Money (Russia)
Andrey Bershadsky, lead expert at Positive Technologies (Russia)
Yury Gordeyev is the editer-in-chief of the magazine Bankovskiye Tekhnologiyi.