Gwen Diagram is a technology professional from Leeds who specialises in testing. She is an avid automation evangelist with a focus on testing complemented by repeatable build processes with monitoring. She has had varied roles throughout her career including Scrum Master at a Start Up and DevOps kid at a large Financial Services organisation. She is Lead Tester at Monzo Bank.
As a strong believer in making the tech industry as open and punk as possible, she co-organises a twice yearly free day long testing conference called the Leeds Testing Atelier. She speaks regularly at local meet-up groups, Agile Yorkshire and Leeds DevOps, duels with creative types at events like the Tech Off, speaks internationally at conferences such as Nordic Testing Days in Tallinn and was the closing keynote at Agile on the Beach in Falmouth, UK in 2018.
Outside of work, you will usually find her hanging around a Natural History Museum somewhere in the world marvelling at how incredibly excellent dinosaurs are, feeding pigeons or ducks or shouting as the singer in a band.
Security isn't very fun for development teams to think about. It's complex and something that isn't brought to mind when considering requirements. Too often, it neglected by teams and left to the end for penetration testers to consider. But, it doesn't have to be. Security can be considered early in the development cycle. How can we encourage this behaviour? How can you get development teams interested?
Security is an important skill to possess while delivering quality software. The cost of not having security skills within teams is now more obvious than ever. Security should be in the forefront of development teams minds. Even with these risks, data leaks and denial of service attacks are in the headlines often. How do we stop our companies being another statistic?
Learning should not be compulsory. Especially if you want something to become part of the culture. Beginning with a simple workshop to expanding to a security guild, people were eager to be involved. This lead to further workshops which included the basics of threat modelling using STRIDE to the complexity of automated checks. Security at Sky became not only fun but cool. Security was no longer a rarely thought about requirement but a fun, oft thought about need.
Our conference is dedicated to providing a harassment-free conference experience for everyone, regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, or religion (or lack thereof). We do not tolerate harassment of conference participants in any form. Sexual language and imagery is not appropriate for any conference venue, including talks, workshops, parties, Twitter and other online media. Conference participants violating these rules may be sanctioned or expelled from the conference without a refund at the discretion of the conference organisers.