How do your developers respond to you when security issues are brought to them? Mine often drop what they're doing to get them resolved. Often I'm having to reign them in and make them follow our current process. This isn't because I'm using role power or they see me as a technical expert. This is because I've built a strong relationship with the developers using the same social engineering techniques you'd use to break into a building. The techniques include authenticity, reciprocity, empathy, what we wear, and how we communicate. I will share the program that I've built and how I went about it using social engineering. I'll also provide activities that get developers thinking about security while they're writing code. This talk will help you improve your interactions with developers and help your company become more secure.

timothy.deblock@gmail.com @TimothyDeBlock