From Imola Informatica
A Computer Engineering graduate of the University of Bologna (Italy), he currently serves as a consultant for the IT departments of medium/large organisations, with a focus on DevOps practices and security. His other main interests are programming languages, optimization algorithms and machine learning.
Secure Software Development Lifecycle demystified: tools and lessons from building financial applications.
Nowadays, enterprises strive to continually hone their software development process and practices up to the point where continuous deployment in production is a given; the finance sector is no exception, with both business challenges and regulatory compliance as the main driving forces for continuous change.
However, releasing new product features many times a day becomes a crucial challenge in terms of software security, and integrating manual/automated security assessment in the build and delivery pipeline is only the tip of the iceberg.
Secure Software Development Lifecycle (S-SDLC) practices aim to address security issues from a much broader perspective, starting from the prerequisites and design of an application, through to delivery in production.
This talk will discuss S-SDLC practices, (Open Source) tools, lessons learned, and issues from our experience in building web applications for many large banking and insurance companies.