Explore quantitative research on the impact of software security practices on risk outcomes in this 51-minute RSA Conference talk. Discover how Comcast correlated various security practices with outcome data from 200 diverse teams, covering secure coding training, threat modeling, penetration testing, security tool usage, and code reviews. Learn about the effectiveness of different security measures, understand the data analysis process, and gain insights into high-severity issue resolution, secure coding training benefits, and the importance of threat modeling. Examine the concept of production-ready security assessments, secrets management, and basic security prerequisites. Delve into the challenges faced in software security and the potential for developer empowerment in addressing these issues.
The Impact of Software Security Practice Adoption Quantified
Overview
Syllabus
Intro
Data
Money Slide
Data Source
Trust
Demo
Data Analysis
High Severity Clean
Secure Coding Training
Only Merge Secure Code
Threat Modeling
Production Ready Security Assessment
Secrets Management
Basic Security
Prerequisites
The Problem
Drama
Dev Empowerment
Taught by
RSA Conference
Related Courses
-
Designing Robust Information System Security Architectures
-
Security for Artificial Intelligence Software and Services
-
Application Security for Developers and DevOps Professionals
-
SDL That Won't Break the Bank
-
Introduction to Embedded Linux Security
-
Software Security Initiative Capabilities - Where to Begin
