What software security do you need?

Our mission is to help everyone involved in software development to make that decision for themselves.


Why

Decision making about security and privacy is important:

  • Virtually every software user, every company, and every developer is nowadays concerned about security and privacy.
  • So,  ‘good enough security’ is now essential for almost every software development; plus  ‘good security and privacy’ is an important selling point
  • Yet security and privacy are expensive to implement; how much security is enough?

How

do developers affect the security and privacy of their products?


What we do

  • We promote & provide for free Developer Security Essentials, a highly effective set of self-training workshops to promote effective security decision making for your development groups.
  • We provide all the training materials required to roll out a programme in your own organisation.
  • We provide measurement tools to assess and quantify improvements over time.

Are the workshops and tools for you?

  1. Are you a software consultant, product manager or part of a development team?
  2. Does your team make decisions about security and privacy? 
  3. Can you arrange workshops for software development teams?

Our workshops add value

  • “The workshop had a marked effect on the practices and mindset of the team who took part – their acceptance criteria for any ticket now includes consideration of the security implications of the work and likewise all pull requests are reviewed with security in mind.” Security Specialist, UK Government
  • “The workshops were very well received by all the participants. … particularly the product owners, who gained an awareness of security issues and an understanding of how to prioritise security in terms of its value. The workshop has certainly provided a way for us to increase security awareness in teams”. Manager, Trading infrastructure supplier.
  • Of 8 highly varied companies using Developer Security Essentials, all but the 2 most security-adept showed a marked increase in security discussions with stakeholders following the workshops.