YoVDO

Building an AppSec Program from the Ground Up - An Honest Retrospective

Offered By: LASCON via YouTube

Tags

LASCON Courses Application Security (AppSec) Courses Goal Setting Courses Application Security Courses Threat Modeling Courses Static Analysis Courses Attack Surface Analysis Courses

Course Description

Overview

Learn from a two-year journey of building an application security program from scratch in a small-medium sized company with no prior security infrastructure. Gain valuable insights into successful strategies, pitfalls to avoid, and practical goal-setting techniques. Explore topics such as static analysis, application inventory, champions programs, open source management, threat modeling, metrics, and runtime intelligence. Discover how to prioritize focus areas, implement core security measures, and manage your security portfolio effectively. Benefit from real-world experiences, common-sense perspectives, and actionable advice for starting and improving your own AppSec program.

Syllabus

Intro
My Story
Context
Basic ToDo List
Confidence
The Cadence
Static Analysis
Application Inventory
Champions Program
Open Source
Threat Modeling
Whats Wrong
Metrics
App Appointment Tool
Runtime Intelligence
Core Security
Portfolio
What To Focus On
Homework
Build a champions program
Give back
One rule
Attack Surface Analyzer
ThirdParty Library Analyzer
Visualization


Taught by

LASCON

Related Courses

MongoDB for .NET Developers
MongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera