Neelu will be presenting the following session
  • Neelu Tripathy

    Neelu Tripathy - Championing Security for your Agile Development

    45 Mins

    The world is shifting from waterfall to Agile ways of development and technology is changing fast.  Amidst all this, security teams are not able to keep up with this pace. This has led to increase in the number, size and frequency of breaches &  supply chain attacks.

    In this talk, we discuss how to hack the developer mindset to Build Security into the product/application; also, the methods and means to make it effective at scale.

    Here, I discuss the actual outcomes of this approach and share learnings from successful execution of the ‘Security Champion Program’ that I designed & drove at scale. This program proved to be effective and was run for ~ 200 teams comprising of ~3000 developers and continues to grow.

    During this process, we captured hundreds of threats, taking them through a structured approach to track, manage and mitigate these issues on their project/devOps dashboard. In this talk, we also share what good looks like when Security is everyone's responsibility.

1. What got you started/interested in modern software development methods?

My work with code and application security has been driving for this. However my switch from offensive to defensive security gave me a better understanding of modern software development methods and security challenges therein.

2. What do you think is the biggest challenge faced by the software product engineering community today?

Maintaining quality and security.

3. What do you think are the most exciting developments in software product engineering today?

These would be the new tech stacks coming up esp new languages and cloud components/services.

4. Why did you choose the topic(s) you will be speaking about at the conference?

My areas of work and interest is Continuous Security esp meant for Agile development lifecycles. Hence I will be talking about 'Championing Security for your Agile Development' this year at Agile India 2022

5. What are some of the key takeaways from your session(s) at Agile India?
  1. Firstly, key human considerations for strengthening the people layer - lean processes, necessary automation, and niche role specific awareness for development teams
  2. Second- A structured approach & Roadmap to designing your Continuous security program that drives mindset change - Onboarding Sec Champs, Workshops, Governance (Cadence, metrics, measurement)
  3. Third- Understand how to address security of Agile software delivery at scale and make Security everyone’s responsibility.
6. Which sessions are you particularly looking forward to attending at Agile India this year?

I am planning to attend all sessions around Security in Agile