New research into application security practices at over 100 companies will be presented, covering software security strategies and tactics as they are practiced in the wild, based on the new BSIMM6 dataset. Statistics will be balanced with war stories from the field to illustrate foundational principles of starting and sustaining programs, as well as “what not to do” gotchas that can kill an initiative in its tracks.
