Pieter Danhieux
[Secure Code Warrior]
Pieter Danhieux is the CEO of Secure Code Warrior, a global security company that makes software development better and more secure.
In 2016, he was No. 80 on the list of Coolest Tech people in Australia (Business Insider) and awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association).
Pieter is also a Principal instructor for the SANS Institute teaching military, government, and private organizations offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. He also serves as an advisory board member of NVISO, a cybersecurity consulting company in Europe. Before starting his own company, Pieter work at Ernst & Young and BAE Systems.
Pieter obtained the Certified Information Systems Security Professional (CISSP) certification as one of the youngest persons ever in Belgium. He then obtained the Certified Information Systems Auditor (CISA, now expired), the GIAC Certified Forensics Analyst program (GCFA), and is currently one of the select few people worldwide to hold the GIAC Security Expert (GSE) certification.
Pieter has spoken at over 50 public presentations in the last 7 years including RSA Asia Pacific & Japan, ACSC, AusCERT, ISACA, ISSA, AISA, CloudSec, and SANS Institute Community Events.
CISSP: 52766
“Stop calling my baby ugly!”: Taking a different approach with developers for DevSecOps success
Imagine pouring your heart and soul into a software build, crafting a new piece of our digital world with all the features, functionality, and user experience that has made modern life so darn convenient. Your work is the envy of your peers, and the code shipped without a hitch. Excellent.
… and then, the gloomy presence of a security specialist tears it all down. They’ve found an exploitable security bug, it’s not ready to ship, and you have to fix your no-good code right away. How dare they call your baby ugly, especially after all your hard work, and despite there being so many non-security elements that were awesome.
For many developers, this is the harsh reality of their experience not just with the AppSec team, but with cybersecurity in general. “Security” has negative connotations for them, and it really isn’t a priority when feature-building must take center stage.
However, catastrophic breaches are only getting worse and more frequent, and the traditional approach of throwing endless AppSec tooling at a human problem clearly isn’t working. Developers need an olive branch from the security team, and they need it yesterday.
In this presentation, Pieter Danhieux will have a look at the current skills from 100,000 developers, revealing the current state of developer-driven security, and how smart organizations can help every engineer avoid the “ugly baby” conversation for good.
In 2016, he was No. 80 on the list of Coolest Tech people in Australia (Business Insider) and awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association).
Pieter is also a Principal instructor for the SANS Institute teaching military, government, and private organizations offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. He also serves as an advisory board member of NVISO, a cybersecurity consulting company in Europe. Before starting his own company, Pieter work at Ernst & Young and BAE Systems.
Pieter obtained the Certified Information Systems Security Professional (CISSP) certification as one of the youngest persons ever in Belgium. He then obtained the Certified Information Systems Auditor (CISA, now expired), the GIAC Certified Forensics Analyst program (GCFA), and is currently one of the select few people worldwide to hold the GIAC Security Expert (GSE) certification.
Pieter has spoken at over 50 public presentations in the last 7 years including RSA Asia Pacific & Japan, ACSC, AusCERT, ISACA, ISSA, AISA, CloudSec, and SANS Institute Community Events.
CISSP: 52766
“Stop calling my baby ugly!”: Taking a different approach with developers for DevSecOps success
Imagine pouring your heart and soul into a software build, crafting a new piece of our digital world with all the features, functionality, and user experience that has made modern life so darn convenient. Your work is the envy of your peers, and the code shipped without a hitch. Excellent.
… and then, the gloomy presence of a security specialist tears it all down. They’ve found an exploitable security bug, it’s not ready to ship, and you have to fix your no-good code right away. How dare they call your baby ugly, especially after all your hard work, and despite there being so many non-security elements that were awesome.
For many developers, this is the harsh reality of their experience not just with the AppSec team, but with cybersecurity in general. “Security” has negative connotations for them, and it really isn’t a priority when feature-building must take center stage.
However, catastrophic breaches are only getting worse and more frequent, and the traditional approach of throwing endless AppSec tooling at a human problem clearly isn’t working. Developers need an olive branch from the security team, and they need it yesterday.
In this presentation, Pieter Danhieux will have a look at the current skills from 100,000 developers, revealing the current state of developer-driven security, and how smart organizations can help every engineer avoid the “ugly baby” conversation for good.
