STAREAST 2020 Concurrent Session : Security Partners or Security Police?


Thursday, May 2, 2019 - 11:15am to 12:15pm

Security Partners or Security Police?

It’s often said that with great power comes great responsibility. As technology becomes more powerful, security becomes a great responsibility. You’ve read all the books, followed the latest updates on all the blogs and forums, or maybe you just have a gut feeling that there’s a potential for disaster. As software testers, is it our job to be the security police? If you don’t protect the public, who will? Then there is the business—who is going to protect them from themselves? You go into meetings ready to save the day only to be shot down or, even worse, ignored. What went wrong? Why were you so easily dismissed? Join Janna Loeffler and Yesenia Yser as they talk about how to be the Secret Service of software security instead of the security police. They’ll talk about some simple actions you can take to increase the security of your software without policing it. Learn tips and insights for how to work with the business to identify their perceived security needs. Find out more about some of the security concerns you should be thinking of as a software tester.

Ultimate Software

Janna Loeffler has more than fifteen years of software quality experience. She holds a bachelor's degree in computer engineering and a master's degree in business administration. Working in a variety of software engineering roles, including development, testing, quality assurance, and DevOps, has provided her with a holistic view of software engineering. She has worked on a wide variety of products, such as industrial controls, embedded medical devices, websites, mobile applications, and theme park attractions. Janna has a passion for helping people build high-quality software more efficiently.

Ultimate Software

Yesenia Yser has over eight years in Information Technology and Software Security. She holds a bachelor's degree in computer science and a master's degree in digital forensics. Her professional background is composed of security software development and incident response, with emphasis on customer support, communication, training, security, and leadership awareness. She has managed and worked on a wide range of tools, such as certificate authority, encryption service, detection and alerting, mobile applications, and risk evaluation tools on a global scale. Yesenia is also passionate learner who studies Brazilian jiu jitsu and yoga in her free time.