Security as a Service - Work Where You Engineers Live
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a conference talk from AppSecUSA 2018 that delves into the concept of "Security as a Service" and how to integrate security practices seamlessly into the software development lifecycle. Learn how Adobe's security team improved their effectiveness by adopting a 'live where they work' approach, aligning security processes with existing software development tools and workflows. Discover strategies for implementing a zero-overhead 3rd Party Library vulnerability detection program, automating security ticket creation, and managing vulnerabilities using project tracking software. Gain insights into how this approach enables rapid response to library vulnerabilities across multiple products and enhances collaboration between security and product engineering teams.
Syllabus
Intro
Adobe Digital Experience
Delivering Software
Discovery
PR Problem
Process Problem
Mordor
Service Lifecycle
Program Management
Security Champions
KPIs
Reporting
Case Study
Workflow
Response Process
Software Composition Analysis
Results
Taught by
OWASP Foundation
Related Courses
Inspecting Open Source Software Packages for Security and License CompliancePluralsight DevSecOps Fundamentals
Cybrary Effective Vulnerability Discovery with Machine Learning
Black Hat via YouTube The Devils in the Dependency - Data Driven Software Composition Analysis
Black Hat via YouTube Protect Yourself Against Supply Chain Attacks
NDC Conferences via YouTube