The conference for
secure software and web development
Heidelberg, Print Media Academy, October 24-27, 2017

heise devSec 2017

// Keynote: Full Spectrum Engineer – The New Full-Stack

Software development is changing and so are the roles that developers need to play. Companies have been trying to fill their ranks with full-stack engineers to build monolithic apps. The move to DevOps and microservices demands new skills. Now a developer must become fluent in a different way: it is less about multi-layer and more about multi-discipline. That means fluency in software testing, deployment, telemetry and even security. Developers will be responsible for securing their own work! The future software engineer will know about software security and will have automated tools at their disposal. There will still be security specialists, but software security will no longer be a specialist discipline.

This means the "full spectrum engineer" must also be capable of securing their own work.

We will still have specialists to go deep, but software security will no longer be thought of as a specialist discipline.

Learning objectives
* Gain an understanding of the history of different software methodologies and architecture
* Understand the business requirements driving different software development methodologies
* Identify the trends of specialization and generalization in software development
* Learn how security knowledge will become part of standard software engineering discipline
* Understand how security generalists and experts can work together to efficiently produce secure software

// Chris Wysopal

Chris Wysopal is Co-Founder and Chief Technology Officer at Veracode, which he co-founded in 2006. In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the US Congress regarding government security and how vulnerabilities are discovered in software.