SecDevOps - A Security Pro's Guide to Development Tools
Offered By: YouTube
Course Description
Overview
Explore a comprehensive guide to development tools from a security professional's perspective in this 52-minute conference talk from HouSecCon 6. Gain insights into understanding developers' mindsets, fostering empathy, and effectively integrating security practices into the development process. Learn about ThreadFix and its applications, defect tracking, IDE plug-ins, and incorporating security testing into builds. Discover how to leverage Selenium tests, implement SecDevOps practices, and utilize SonarQube for metrics tracking. Enhance your ability to bridge the gap between security and development teams while improving overall software security.
Syllabus
Intro
An InfoSec Perspective on Developers
The Curmudgeon
Don't Be a Jerk; Perhaps Try Some Empathy
Get Your Mind Right
Empathy and Compassion
If His Holiness the Dalai Lama Isn't Tough Enough
Understand Developer Tools
What Can We Do With ThreadFix?
How Do Developers Manage their workload?
Mapping Vulnerabilities to Defects
Demo: Defect Tracker Integration
Where Do Developers Actually Spend Their Time?
IDE Plug Ins
How Do Developers Know Their Software Works?
Get Security Testing Included In Builds
ThreadFix Jenkins Plugin
Taking Advantage of Selenium Tests
SecDevOps with ThreadFix
What Metrics Do Developers Track?
SonarQube Integration
Questions / Contact Information
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube