Why Do Developers Make Dangerous Software Errors

LASCON via YouTube

Classroom Contents

  1. Intro
  2. Requirements for secure code are implicitly and not explicitly stated
  3. "De facto" security requirements in NIST 800-53 do not explicitly require developers to produce secure code
  4. Technical controls in NIST 800-53 contribute to application security
  5. Operational controls in NIST 800-53 contribute to application security
  6. Key questions
  7. Perspective on technology today
  8. Malicious actors are taking advantage of abundant opportunities to tamper with and sabotage products...
  9. SwA requires multi-disciplinary collaboration
  10. Acquirers of IT products and services trust that suppliers are addressing cyber security without validating
  11. Implementation lessons learned from some of the 1/100 companies that implement SwA successfully
  12. Robust measurement does not happen overnight and requires foundational capabilities in place to be effective
  13. Critical success factor - long-term management commitment, focus, and appropriate expectations
  14. Critical success factor - realistic and well thought out data collection strategy
  15. Critical success factor - effective use of the measures to improve security
  16. Measurement for secure code requires understanding code level attributes...
  17. Measurement for secure code involved understanding the effectiveness of implemented processes
  18. Business functions rely on accurate and reliable information from technology that functions as intended (and only as intended)
  19. SC22 - Programming Languages, ISO/IEC TR 24772, Programming Language Vulnerabilities
  20. ISO/IEC 27036: Information technology - Security techniques - Information Security for Supplier Relationships
  21. NIST IR 7622. Piloting Supply Chain Risk Management for Federal Information Systems
  22. The Open Group Trusted Technology Provider Framework (TTPF) Purpose
  23. What's next?
  24. Why Do Developers Make Dangerous Software Errors?
