Application security isn’t just about policies and tools: it’s about habits. How can we ensure that security activities like threat modeling, secure code reviews, and vulnerability management become second nature for development teams? In this talk, we’ll explore how Charles Duhigg’s Habit Loop can be applied to embed security into daily workflows.
We’ll break down how to design effective security cues, establish repeatable security routines, and reinforce habits with meaningful rewards. Using real-world examples, attendees will learn practical strategies to integrate security seamlessly into software development, without adding friction or overwhelming teams.
Join this session to discover how behavioral science can turn security best practices into lasting habits!
Speaker Bio
Nariman Aga-Tagiyev is an Application Security Architect with over two decades of experience in software development. Over the course of his career, Nariman has worn multiple hats, serving as a full stack web application developer, backend developer, DevOps engineer, and cloud developer. Since 2016, however, he has focused exclusively on Application Security and advancing Software Security Development Life Cycle (SSDLC) maturity. Since 2024, he has been a member of the OWASP SAMM project core team.