At Adobe, secure software development program demands 'ninja' tactics

SAN FRANCISCO -- One of the biggest challenges in fostering a secure software development program is inspiring developers. How can an organization successfully incentivize programmers so they care about developing their security skills? At Adobe, the answer is simple: turn developers into security ninjas, so to speak.

"We have these little badges we put on our internal directory, and we call them 'flare.' So you have your little ninja white belt or green belt, and you lose your flare if you don't refresh" your developer security training, said Adobe Chief Security Officer Brad Arkin. "Once people started seeing their badges disappear, that was such a hardship; they wanted to get their 'ninja' back … our refresh rate after that was 97%."

In this video, recorded at the 2013 RSA Conference, Arkin offers an in-depth look at Adobe's secure software development lifecycle program, including how the vendor trains its developers, how it continues to evolve and improve its secure software development program, and how it ties developer security skills to career opportunities. Arkin also shares his advice on how to get business stakeholders to care about and support software security.

Editor's note: Arkin's title at the time of the interview was senior director of product security.

View All Videos

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close