In this talk we use the experience of a Security Engineer tasked with helping a development team raise their security posture, without being part of it. We will look at what works and what failed, propose tactic and techniques to best position the outsider in, and what observed results were achieved.
Joy Ertz discusses some of the pros and cons of continuing to code, along with how some of Joy and her peers have thought through and continue to think through this decision.