June 17
15:00 — 16:00
A fresh view on product security
APPSEC.ZONE
Russian
Frequently Product Security term is mixed with Application Security approach and processes, which certainly play key roles in security development process and the development of product functionality, but the Product Security is the combination of various security domains and areas including but not limited to Application, System, Infrastructure and Incident Response Management, as well as Product activities to develop and improve «security» features and the functionality of application itself. So the Product Security is something like the product quality measure that shows how a product or service is secure.

The presentation describes our experience of establishing product security from scratch with common mistakes made in security processes and successful strategies allowed us to make our product aligned with key enterprise security requirements and standards. Also we will discuss the key components of a successful product strategy that includes such aspects as setting security team up and communication with departments as engineering and product managers, and everything that finally helped us to formulate the basic principles of the Product Security Framework for secure product.