Implementing Secure Development Lifecycle (SDL) for complex software is not an easy task. Some industry experts still believe that it is nearly impossible for agile development projects. Indeed, the canonic cycle of secure development includes many complex controls, which can easily turn into time-killing bottlenecks.

The speaker will present the way to implement SDL adapted to specific project and to bypass these bottlenecks. Moreover, product security team from Yandex will share their experience on resolving different issues with implementation of security controls.