Most businesses have recognized the need for delivering secure code: according to a 2018 Veracode report, 71% of organizations surveyed had a formal application security program in place. However, the scope and function of that team can vary wildly. Some businesses rely on post-sprint penetration testing and automated validation processes, while others apply a holistic application security function designed to “shift left” and include security from the very start of a new project.
Duo’s Head of Security Engineering, Amanda Honea-Frias, believes that the strongest AppSec teams are those built with a diverse group of highly-skilled specialists and broadly-adept generalists. Amanda prefers to focus on each team member’s current skill set, rather than trying to hire people who fit narrow and rigid requirements. Amanda will also share concrete strategies and examples of how Duo has built cross-functional teams, including reviving the lost art of apprenticeship and forging Security Champions. View this session to learn more!
Amanda Honea-Frias, Head of Security Engineering, Duo Security
Amanda Honea-Frias has worked in roles ranging from DevOps, Network Engineering, Technical Support, PenTesting all the way to building and evolving Application Security business units for enterprise companies such as Belkin, Amazon Web Services and now finding her home with Cisco in the Duo Research and Development business unit securing and the maturing the Application Security Program and unifying security cross-functionally. In her spare time she loves hanging out with her soul-mutt (Bolt), wife and four cats.