Completed
Building Security into the SDL is always explicit, not implicit
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Software Security Engineering: Lessons from the Past to Fix the Future
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Who am I? How my experience is relevant to this talk?
- 3 Overview
- 4 Top OS and OS-Native Apps Vulnerat That has be around for over one to two decades
- 5 History of Few Common Bug Classes
- 6 The Big Question
- 7 The Two Most Prominent Reasons
- 8 2 Typical Response For A Bug Report of the applications and software you support
- 9 Disadvantage of Such Mitigation Str
- 10 2 The Way "The Industry" Respond To Any Publicly Reported Security Bug
- 11 Understanding Bug Class and Bug Na
- 12 Translating A Bug Class To It's Corresponding Root Cause and Bug Nature
- 13 The Way "The Industry" Must Respd To Any Publicly Reported Bugs
- 14 Decoding The Nature of a Bug MSO
- 15 Decoding The Nature of a Bug More Examples
- 16 Recommendations Based on learnings from the historical bug reports
- 17 Typical Exploit and Defense In Depth
- 18 Targeted Exploit Mitigation
- 19 Web-based Application Mitigation
- 20 Introducing Behavioral Based Check
- 21 Integrating Machine Learning
- 22 Recommendations Based on learnings from the OS and Browser mitigation
- 23 The Paradigm Shift in Software Security Engineering
- 24 The Paradigm Shift and The Rise In Misconception
- 25 Applying Common-Sense Security In Each Engineering Lifecycle
- 26 Migrating to DevOps / DevSecOps?
- 27 The Herd Mentality (Going with the flow without rational thinking)
- 28 Building Security into the SDL is always explicit, not implicit
- 29 Final Words
