PRO TALK: Building the Next Generation of Secure Developers

- PST
DeveloperWeek PRO STAGE A
Join on Hopin

Dave Ferguson
Veracode, Solution Architect

Dave Ferguson is a Principal Solutions Architect at Veracode. He focuses on helping developers write secure code and use safe open source components. Dave has worked in software security for the last 15 years after being a developer for more than a decade. Past roles include Principal Consultant at FishNet Security, leading the Application Security program at Sabre Corporation, and directing the Web Application Scanning product line at Qualys. 


As companies migrate to more resilient cloud infrastructures, threat actors continue to turn their attention to the application landscape as the new entry point for compromising systems.

Despite cyberattacks happening at a pace of every 39 seconds, only 3% of U.S. bachelor's degree graduates have cybersecurity-related skills. While several factors play into this, the most glaring is that faculty just don't know about the security field, leading to gaps between academia and industry. Unfortunately the gap has gotten wider due to constant changes and growing toolchains in software development.

This is compounded by a consistent lack of employee training in secure coding principles and how it applies to the software development life cycle, causing new entrants into software development to be ill-prepared to build secure systems.

In order to continue to defend critical assets and infrastructure in rapidly evolving cloud-centric environments, secure coding principles need to be adopted not only within corporate environments but in the classroom, ensuring that the next generation of developers can build experiences that are not only engaging but also secure.

This session will delve into:

The growing security challenges developers face today
The current perceptions of “security” within the developer community
The need for secure coding education at the university level
Opportunities for learning secure coding in educational and corporate environments