OWASP AppSec DC 2012/Integrating Application Security into your Lifecycle andProcurement

The Presentation
The panel aims to explore how organizations track and improve their coverage of vulnerabilities when they assess the software they build and/or buy. How do your organizations select the most effective tools and techniques to find each kind of vulnerability? What factors aid in choosing whether or not to automate or manually seek out particular vulnerabilities? ...finally, how does your organization track the above selection of assessment tools and techniques, attest to review compliance, and track quality vs cost?