SecDevOps - A Security Pro's Guide to Development Tools
Offered By: YouTube
Course Description
Overview
Explore a comprehensive guide to development tools from a security professional's perspective in this 52-minute conference talk from HouSecCon 6. Gain insights into understanding developers' mindsets, fostering empathy, and effectively integrating security practices into the development process. Learn about ThreadFix and its applications, defect tracking, IDE plug-ins, and incorporating security testing into builds. Discover how to leverage Selenium tests, implement SecDevOps practices, and utilize SonarQube for metrics tracking. Enhance your ability to bridge the gap between security and development teams while improving overall software security.
Syllabus
Intro
An InfoSec Perspective on Developers
The Curmudgeon
Don't Be a Jerk; Perhaps Try Some Empathy
Get Your Mind Right
Empathy and Compassion
If His Holiness the Dalai Lama Isn't Tough Enough
Understand Developer Tools
What Can We Do With ThreadFix?
How Do Developers Manage their workload?
Mapping Vulnerabilities to Defects
Demo: Defect Tracker Integration
Where Do Developers Actually Spend Their Time?
IDE Plug Ins
How Do Developers Know Their Software Works?
Get Security Testing Included In Builds
ThreadFix Jenkins Plugin
Taking Advantage of Selenium Tests
SecDevOps with ThreadFix
What Metrics Do Developers Track?
SonarQube Integration
Questions / Contact Information
Related Courses
Mujeres coraje. DesafĂos en la historiaUniversitat Jaume I via Independent Acumen Essentials I: Intro to Moral Imagination and Challenges in Poverty Alleviation
+Acumen via Independent Reconciliation Through Indigenous Education
The University of British Columbia via edX Genius. Talent. Golden Mediocrity
Tomsk State University via iversity Conversations That Inspire: Coaching Learning, Leadership and Change
Case Western Reserve University via Coursera