
The Insecure Software Development Lifecycle - How to Find, Fix, and Manage

via YouTube

Overview

Explore the intricacies of secure software development in this comprehensive ShowMeCon 2018 conference talk. Delve into the current state of software development lifecycles and learn how to identify, address, and manage security vulnerabilities throughout the process. Gain insights on understanding stakeholders, analyzing existing processes, and conducting gap analyses. Discover the importance of key program metrics, phased goals, and management support in rebuilding secure development programs. Learn strategies for effective collaboration, including rotating work assignments and embedded liaisons. Understand how to leverage organizational policies and compliance requirements to create a need for security measures. Examine the role of style guides, automated code scanning, and manual reviews in maintaining secure coding practices. Based on the speaker's O'Reilly report, this talk provides valuable knowledge for improving the security of software development lifecycles.

Syllabus

Intro
The Status Quo of Software Development Lifecycles
Understanding Stakeholders and Existing Processes
Project Managers are EPIC assets
QA and DevOps
Customers/End-Users
Analyzing existing processes
Document the gap analysis
How does security affect the stakeholder?
How does security affect the process?
Preparing for rebuilding the program
Key program metrics
Important metrics
Phased goals
Goal phases
Gaining management support
Planning requirements
Active stakeholder participation
Working as a unified team
The importance of collaborating as one team
Discussions, not just bug submissions
Detailed meetings to discuss findings from offensive testing
Rotating work assignments and embedded liaisons
Setting expectations for stakeholders
Using organizational policy to create a need
Using compliance to create a need
The development style guide and standard libs
Style guides
Automated code scanning vs Manual reviews
Checklists set and track expectations
Conclusion
This talk is based on my O'Reilly report available through Safari Books Online
