Changing perception of security function in development and delivery processes is a process itself. But for perception to change - security function must evolve itself. Application developer makes decisions around security aspects much more often than security officer. Yet with most of security personnel originating from network and system security - how shifting security left can happen and gap between those two, often distinct groups can be bridged?
Areas of discussion;