Overview
Explore a comprehensive conference talk on integrating GDPR requirements into the Software Development Lifecycle (SDLC). Learn how to involve the Data Protection Officer in software security governance, provide privacy awareness training to developers, and incorporate privacy into secure coding guidelines. Discover methods for conducting Privacy Impact Analysis as part of software risk assessment and mapping GDPR to software security requirements. Gain insights on applying privacy by design principles to software architecture, including privacy threats in threat modeling, and implementing privacy security checklists in testing. Understand how to apply GDPR-specific breach notification requirements to vulnerability and incident management processes. Benefit from practical implementation aspects and real-life use case demonstrations from software security and privacy projects.
Syllabus
Embedding GDPR into the SDLC - Steven Wierckx - AppSecUSA 2017
Taught by
OWASP Foundation