Super proud to announce I’m heading to Perth later this year to talk at the Security BSides Perth conference about getting closer collaboration between defenders, engineers and external security testers. The talk is entitled “Caring for our pen tester friends”.
Quality assurance teams are becoming more context-driven and collaborative. QA testers are now needed from design through to supporting their applications into production.
Yet we still ask external security testers to test our applications, engaging them at the end, just before we ship to production. Often armed with very little handover, we ask them, “Did we build it securely?”
I see a big gap between external security testers and development teams, and it’s making life hard for both teams. I also see the damage it does to good security testing. It’s time to bring these two teams closer together and start taking better care of our pen tester friends.
This talk covers advice for both engineering teams and their external penetration testers on collaborating more, ensuring the right context is exchanged and the teams work together for better security testing outcomes.
Looking forward to it and all the other talks released so far. It’s going to be an outstanding weekend. The full lineup is posted here.
If you’re coming along, do come say hi :)