We all know we need to write secure code. We know we need to prevent SQL Injection and Buffer Overflows. But development teams are increasing asked to implement a Secure Development Life Cycle and to "develop software securely". So what else do we need to do to satisfy our clients that our software is secure? Come find out in this session that will cover security risks, security in DevOps, auditing for security, static code analysis tools, securing your environments, securing your 3rd party frameworks and tools, and more you should consider to earn a security auditor's seal of approval for your entire development process. Bonus: this will share some details of the SolarWinds hack highlighting the challenges we face to keep our software secure.