Why Unleashing Your Teams Software Security Potential is Necessary & How to Achieve It

Apps for smartphones and web browsers have become an indispensable part of our lives – even for sensitive topics like health and finance. Thus, development teams must be able to ensure the security of their apps despite the raising number of malicious attackers. In this talk, I firstly explain why software security matters and why all levels of a company must act. Then, I report about our software security study among German developers, product owners, and managers.

Here, I will show that most of them lack awareness and competence in software security but are willing to raise their skills and knowledge. Finally, I introduce the measures we developed to systematically unleash a company’s software security potential, among others: newly developed software security trainings (for security champions, product owners, and managers) and a new freely available maturity model for agile teams that enables them to raise their software security competence step-by-step in a cost-efficient manner.