Danny Harris

Senior Security Consultant & Instructor at Security Innovation

“Application Security – It’s Not Just for Developers Anymore”
Application security has traditionally fallen on the shoulders of development and IT teams as organizations tend to view it as a technology issue. However, due to the inherent financial and operational risk software applications bring to the enterprise, organizations are rethinking their approach.

Application security is considered a topic for technical people, and business leaders play a pivotal role in its success at their organizations. The responsibilities for application security are no longer just for the technical team, but executives also need to understand security risk and the secure software development lifecycle to ensure the delivery of secure and robust applications.

This talk discusses how application security has become a business risk management concern, and examines the gap between an organization’s perceived and actual security efforts. Additionally, it describes security challenges throughout the software development lifecycle (SDLC) and high-impact activities for various roles that will provide the foundation for a sustainable application security program.

Audience

  • Executives, project managers, software development team members

You Will Learn

  • Understand the gap between what people think application security is and what a mature organization does to build secure applications
  • Understand that application security involves not only everyone on the development team, but also people with responsibility for enterprise risk management
  • Understand that every role has a different set of application security responsibilities

Bio:

Danny Harris has been an information and application security practitioner for over 20 years. He is knowledgeable in all phases of the secure software development life cycle (SDLC) and is responsible for the creation and delivery of application security training and SDLC programs at Security Innovation. Previous teaching experience includes seven years as an adjunct professor for the Computer Security and Forensic Investigation program at Wilbur Wright College and as a security instructor for the SANS Institute.

Topics of expertise include information security, security policy, metrics, application and network vulnerability assessments, real-time embedded systems programming, intrusion detection, and incident response.
