At Adobe, secure software development program demands 'ninja' tactics

At Adobe, secure software development program demands 'ninja' tactics

Date: May 14, 2013

SAN FRANCISCO -- One of the biggest challenges in fostering a secure software development program is inspiring developers. How can an organization successfully incentivize programmers so they care about developing their security skills? At Adobe, the answer is simple: turn developers into security ninjas, so to speak.

"We have these little badges we put on our internal directory, and we call them 'flare.' So you have your little ninja white belt or green belt, and you lose your flare if you don't refresh" your developer security training, said Adobe Chief Security Officer Brad Arkin. "Once people started seeing their badges disappear, that was such a hardship; they wanted to get their 'ninja' back … our refresh rate after that was 97%."

In this video, recorded at the 2013 RSA Conference, Arkin offers an in-depth look at Adobe's secure software development lifecycle program, including how the vendor trains its developers, how it continues to evolve and improve its secure software development program, and how it ties developer security skills to career opportunities. Arkin also shares his advice on how to get business stakeholders to care about and support software security.

Editor's note: Arkin's title at the time of the interview was senior director of product security.

More on Software Development Methodology

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: