Explore a comprehensive conference talk on integrating security throughout the entire software development lifecycle. Learn from real-world incidents like the Kik dispute and SolarWinds attack to understand the critical importance of application security beyond pre-deployment testing. Discover practical strategies for securing development environments, implementing secret scanning and rotation, managing dependencies, and utilizing software composition analysis. Gain insights into leveraging Dependabot for supply chain management, identifying common vulnerabilities like XSS and SQL injection, and employing static and dynamic security testing techniques. Delve into advanced topics such as writing custom CodeQL queries for vulnerability hunting. Suitable for developers and DevOps engineers alike, this talk equips you with the knowledge to bake security into every stage of your development process, from start to finish.
Overview
Syllabus
Application security from start to finish - Michael Kaufmann - NDC Porto 2022
Taught by
NDC Conferences
Related Courses
-
Application Security for Developers
-
Protect Your Code with GitHub Security Features
-
From App Security to Dev Security – Shift Left with GitHub Advanced Security
-
Breaking and Fixing Web Application Security
-
Differences Between Web Application Scanning Tools When Scanning for XSS and SQLi
-
Web Application Security Trends
