YoVDO

Lean Security

Offered By: LASCON via YouTube

Tags

LASCON Courses DevOps Courses Agile Courses

Course Description

Overview

Explore lean security principles in this 42-minute LASCON conference talk by Ernest Mueller. Learn how to align security practices with Lean, DevOps, and Continuous Delivery philosophies to enhance organizational speed and efficiency. Discover strategies for implementing attack-driven approaches to software delivery pipelines, increasing transparency and visibility across the organization. Gain insights into defensive systems thinking to reshape the attack landscape while working in harmony with business functions. Understand emerging Lean, Agile, and DevOps techniques, acquire organizational strategies to bridge DevOps and security, and learn to apply effective detection and monitoring through real-world examples. Examine common security challenges and misconceptions, and discover how adopting lean security principles can transform security from a bottleneck to a valuable, integrated process that supports business objectives while efficiently managing risks.

Syllabus

Intro
WHAT ARE THE CHALLENGES THAT AGILE / DEVOPS / LEAN POSE TO INFOSEC?
INSTEAD, EXAMINE HOW ADOPTING THESE STRATEGIES CAN HELP YOU WIN
LEAN SECURITY IS FOR WINNERS
SECURITY IS JUST BEANCOUNTING
WE TRADED ENGINEERING FOR ACTUARIAL DUTIES
A SECURITY MANAGEMENT SYSTEM PROVIDES OPTIMAL VALUE TO THE ORGANIZATION FIE ACTIVELY SUPPORTS ACHIEVING THE BUSINESS AND COMPLIANCE OBJECTIVES OF THE ORGANIZATION (THE VARIABLE PART) IS AN EFFICIENT, ABLE AND INTEGRATED PROCESS, CAPABLE OF DEALING WITH A DYNAMIC THREAT ENVIRONMENT CONSUMES MINIMAL TIME AND RESOURCES RESULTS IN ADEQUATELY MANAGED SECURITY RISK, IN LINE WITH THE RISK APPETITE OF THE ORGANIZATION PROVIDES ONLY THE NECESSARY, YET ADEQUATE, USER FRIENDLY, EFFICIENT AND MEASURABLE SECURITY CONTROLS
SECURITY IS A BOTTLENECK
UNDERSTAND THE WASTE THAT YOU GENERATE
SECURITY IS INVISIBLE
SECURITY PROFESSIONALS ARE QUICK TO SAY SECURITY IS EVERYONE'S JOB
SECURITY IS ALWAYS TOO LATE
CEASE DEPENDENCE ON MASS INSPECTION TO ACHIEVE QUALITY. IMPROVE THE PROCESS AND BUILD QUALITY INTO THE PRODUCT IN THE FIRST PLACE.'
SECURITY IS ALWAYS IN THE WAY
SECURITY IS PERFECTIONIST AND IS THEREFORE UNREALISTIC
SECURITY IS YOUR PRODUCT
QUESTIONS?


Taught by

LASCON

Related Courses

Introduction to Agile Software Development: Tools & Techniques
University of California, Berkeley via edX Advanced Topics and Techniques in Agile Software Development
University of California, Berkeley via edX Du manager au leader agile / From manager to agile leader
CNAM via France Université Numerique Software Processes and Agile Practices
University of Alberta via Coursera Introduction to Software Product Management
University of Alberta via Coursera