Every Day Is a Zero Day - Building an In-House Secure SDLC Program
Offered By: YouTube
Course Description
Overview
Learn how to build an in-house Secure Software Development Life Cycle (SDLC) program in this conference talk from BSides Philly 2016. Explore the building blocks of a secure SDLC, understand the importance of safe libraries, and discover how to integrate security into the development and testing processes. Gain insights on adding value through security measures, implementing Microsoft's Secure Development Lifecycle, and fostering dialogue between security and development teams. Examine practical examples, such as using Burp for security testing, and learn about effective reporting methods, security tools, and build pipeline integration. Discover techniques for measuring success, charting security bugs, and determining program maturity to enhance your organization's software security practices.
Syllabus
Intro
Questions
About Tony
Todays topic
Building blocks
Why
Development
Testing
Adding Value
Microsoft Secure Development Lifecycle Diagram
Why do you need to know this
What are safe libraries
Remediation team
Dialogue with security teams
Burp example
Recommendations
Reporting
Security tools
Build pipeline
Measuring success
Charting security bugs
Determining program maturity
Closing thoughts
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube