Building an AppSec Program from the Ground Up - An Honest Retrospective
Offered By: LASCON via YouTube
Course Description
Overview
Learn from a two-year journey of building an application security program from scratch in a small-medium sized company with no prior security infrastructure. Gain valuable insights into successful strategies, pitfalls to avoid, and practical goal-setting techniques. Explore topics such as static analysis, application inventory, champions programs, open source management, threat modeling, metrics, and runtime intelligence. Discover how to prioritize focus areas, implement core security measures, and manage your security portfolio effectively. Benefit from real-world experiences, common-sense perspectives, and actionable advice for starting and improving your own AppSec program.
Syllabus
Intro
My Story
Context
Basic ToDo List
Confidence
The Cadence
Static Analysis
Application Inventory
Champions Program
Open Source
Threat Modeling
Whats Wrong
Metrics
App Appointment Tool
Runtime Intelligence
Core Security
Portfolio
What To Focus On
Homework
Build a champions program
Give back
One rule
Attack Surface Analyzer
ThirdParty Library Analyzer
Visualization
Taught by
LASCON
Related Courses
Goldman Sachs 10,000 Women के साथ, मोलभाव के मूल सिद्धांतGoldman Sachs via Coursera Fundamentos de Negociação com o 10,000 Women da Goldman Sachs
Goldman Sachs via Coursera Action Planning
Rice University via Coursera Introduction to Agile: Beyond Methodologies
Emergn via edX The Art of Sales - Course 1: Prepare to Stand Out
Northwestern University via Coursera