Every Day Is a Zero Day - Building an In-House Secure SDLC Program

via YouTube

Overview

Learn how to build an in-house Secure Software Development Life Cycle (SDLC) program in this conference talk from BSides Philly 2016. Explore the building blocks of a secure SDLC, understand the importance of safe libraries, and discover how to integrate security into the development and testing processes. Gain insights on adding value through security measures, implementing Microsoft's Secure Development Lifecycle, and fostering dialogue between security and development teams. Examine practical examples, such as using Burp for security testing, and learn about effective reporting methods, security tools, and build pipeline integration. Discover techniques for measuring success, charting security bugs, and determining program maturity to enhance your organization's software security practices.

Syllabus

Intro
Questions
About Tony
Today's topic
Building blocks
Why
Development
Testing
Adding Value
Microsoft Secure Development Lifecycle Diagram
Why do you need to know this
What are safe libraries
Remediation team
Dialogue with security teams
Burp example
Recommendations
Reporting
Security tools
Build pipeline
Measuring success
Charting security bugs
Determining program maturity
Closing thoughts