This is how it was meant to be done
YouTube videos curated by Class Central.
Classroom Contents
Formal Verification of Secure Software Systems
- 1 Intro
- 2 Ground rules
- 3 The rule of two feet
- 4 What's the most important part of software?
- 5 This is how it was meant to be done
- 6 The software security group is just another engineering team
- 7 Your SSG should be one of your strongest development teams
- 8 Tension, direction, respect, collaboration
- 9 First, and most important, you have to be pointed in the same direction
- 10 If you don't have the same objectives, nobody wins
- 11 If you want to move in the same direction you need mutual respect!
- 12 When you have respect you can have healthy tension
- 13 When you have healthy tension you get to the real issues
- 14 Instead of pen testers, hire solid developers
- 15 It's easier to train developers in security than it is security pros in development
- 16 Threat modeling
- 17 Find creative ways to say yes
- 18 When you can competently understand business impact and risk you can understand why yes might be important
- 19 High functioning SSGs are part of the development process
- 20 But not because they are required
- 21 An SSG that helps ship software faster is always welcome
- 22 Teams will actively seek the advice of the SSG
- 23 Because they don't have to be afraid of what will happen
- 24 When you have a team of developers automation increases
- 25 Security becomes part of the product
- 26 The end result looks like real collaboration
- 27 Questions?