NDC Conferences

What Is a Software Security Initiative and Do I Need One

NDC Conferences via YouTube

Overview

Explore the fundamentals of software security initiatives in this comprehensive NDC Oslo 2020 conference talk. Learn about the essential components of a successful AppSec program, including the right tools, activities, and culture. Discover how to balance finding, fixing, and preventing security issues in software development. Gain insights into lessons learned from two decades of software security experience and understand various techniques to address security challenges in Agile environments. Delve into SDLC-focused approaches and frameworks like the Software Security Framework from BSIMM. Examine key areas such as stakeholder management, strategy, compliance, training, attack modeling, security features, code review, testing, and vulnerability management. Get practical advice on starting small, improving continuously, and adapting security practices to match development speeds. Ideal for those looking to establish or enhance their organization's software security initiatives.

Syllabus

Intro
usr/bin/whoami MURLO
What is Software Security?
More than just...
printf("Hello, World\n")
Early 2000s: Fix the damn code
Security in a waterfall world
We're Agile now
Efforts to get real
Option 1: SDLC-focused
Option 2: Use a framework, e.g. the Software Security Framework from BSIMM
Stakeholders & Organisation
Strategy & Metrics
Compliance & Policy
Training
Attack Models
Security Features & Design
Standards & Requirements
Architecture Analysis
Code Review
Security Testing
Penetration Testing
Software Environment
Config Mgmt & Vuln Mgmt
Start small
Security at the speed of developme...
Continually improve
Further reading
Online Resources

Taught by

NDC Conferences
