YoVDO

Costs of Coding to Compliance

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Risk Management Courses Compliance Courses Application Security Courses Secure Coding Practices Courses PCI Compliance Courses Security Maturity Model Courses

Course Description

Overview

Explore the challenges of balancing security and compliance in software development through this insightful conference talk from APPSEC Cali 2018. Delve into the pitfalls of coding solely to meet compliance standards like PCI, and discover how this approach can lead to security gaps and increased risk. Learn strategies for addressing these gaps, planning for future risks, and prioritizing security initiatives to better manage application security risks while supporting compliance efforts. Gain valuable insights on implementing a framework that combines secure coding practices with compliance requirements, ultimately hardening applications and improving overall security posture. Understand how a more mature security approach can benefit even robust applications while meeting compliance standards for application security. Presented by Magen Wu, a Senior Consultant at Rapid7 with over 10 years of specialized IT experience, this talk covers topics such as security metrics, security maturity models, PCI compliance, multifactor authentication, security lifecycle development cycles, and the importance of cultural shifts in addressing security challenges.

Syllabus

Intro
Security vs Compliance
Most Significant Driver
Least Resistance
Security Metrics
Security Maturity Model
Customer Story
Building a Gate
PCI Compliance
Multifactor
Theres no easy button
Culture shift
People problem
Compliance tree
Red Rover
Security to Compliance
Security Lifecycle Development Cycle
Bring in HR
Next steps
Contact information
Response to developers


Taught by

OWASP Foundation

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube
Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube
Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube
What's New in Grails 2.0
ChariotSolutions via YouTube
Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube