YoVDO

It Was Broken When It Got Here - Security in Your Software Procurement Process

Offered By: LASCON via YouTube

Tags

LASCON Courses Software Security Courses Vendor Management Courses Vulnerability Assessment Courses Threat Modeling Courses

Course Description

Overview

Explore the critical issue of security in third-party software procurement in this 39-minute LASCON conference talk. Delve into the complexities of ensuring security for Commercial Off-The-Shelf (COTS) and Free and Open Source Software (FOSS) in enterprise environments. Examine case studies of vulnerabilities discovered during penetration tests that led to company compromises. Learn how long-standing flaws in products can create potential back-doors into internal networks and data. Gain valuable advice and guidance on integrating security considerations into the enterprise product purchasing process. Cover topics including the current software security landscape, the challenges of diverse vendor security approaches, and the importance of threat modeling in procurement decisions.

Syllabus

Introduction
About NCC Group
What is software
Your software is not your software
Big software
Software from everywhere
Free Bugs
Working with Vendors
Threat Model


Taught by

LASCON

Related Courses

Comparing WAF and RASP - Why?
LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube