Completed
Malicious actors are taking advantage of abundant opportunities to tamper with and sabotage products...
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Why Do Developers Make Dangerous Software Errors
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Requirements for secure code are implicitly and not explicitly stated
- 3 "Defacto" security requirements in NIST 800-53 do not explicitly require developers to produce secure code Technical
- 4 Technical controls in NIST 800-53 contribute to application security
- 5 Operational controls in NIST 800-53 contribute to application security
- 6 Key questions
- 7 Perspective on technology today
- 8 Malicious actors are taking advantage of abundant opportunities to tamper with and sabotage products...
- 9 SWA requires multi-disciplinary collaboration
- 10 Acquirers of IT products and services trust that suppliers are addressing cyber security without validating
- 11 Implementation lessons learned from some of the 1/100 companies that implement SwA successfully
- 12 Robust measurement does not happen overnight and requires foundational capabilities in place to be effective
- 13 Critical success factor - long-term management commitment, focus, and appropriate expectations
- 14 Critical success factor-realistic and well thought out data collection strategy
- 15 Critical success factor-effective use of the measures to improve security
- 16 Measurement for secure code requires understanding code level attributes...
- 17 Measurement for secure code involved understanding the effectiveness of implemented processes
- 18 Business functions rely on accurate and reliable information from technology that functions as intended (and only as intended)
- 19 SC22 - Programming Languages, ISO/IEC TR 24772, Programming Language Vulnerabilities
- 20 ISO/IEC 27036: Information technology - Security techniques - Information Security for Supplier Relationships
- 21 NIST IR 7622. Piloting Supply Chain Risk Management for Federal Information Systems
- 22 The Open Group Trusted Technology Provider Framework (TTPF) Purpose
- 23 What's next?
- 24 Why Do Developers Make Dangerous Software Errors?