OWASP AppSec India Conference 2008 Business Case for AppSec

Summary
Organizations considering the addition of static analysis tools to their overall security program need to build a business case that addresses the needs of several groups within their organization. Security teams need to think beyond the tool and understand how to sell the approach to executives, development teams, and their own management. This talk provides a framework for documenting a business case for static analysis, and will share experiences from static analysis tool implementations.

About Speaker
Brandi Moore's career began in computer security inside the US government where she was the first researcher to measure the effectiveness of laws designed to address computer crime. She was recruited by AOL and spent almost 8 years working for a variety of teams, ending her post inside the Operations Security group where she was responsible for managing international compliance issues and AOL's Security Awareness Program. Brandi was recruited to Mandiant, a boutique Incident Response firm, leading East Coast sales for the US. Today she is a member of Ounce Lab's team working as a Director of Sales for the New York region. She is on the Board of Directors for OWASP's NY Chapter, holds a BS from Michigan State University and a Masters in Forensic Science from George Washington University. Brandi is owns IndiaThink, a firm focused on helping companies across the US develop strategies to obtain the most from their India investments through cultural awareness.