Completed
Discussions, not just bug submissions • Detailed meetings to discuss findings from offensive testing
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
The Insecure Software Development Lifecycle - How to Find, Fix, and Manage
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 The Status Quo of Software Development Lifecycles
- 3 Understanding Stakeholders and Existing Processes
- 4 Project Managers are EPIC assets
- 5 QA and DevOps
- 6 Customers/End-Users
- 7 Analyzing existing processes
- 8 Document the gap analysis
- 9 How does security affect the stakeholder?
- 10 How does security affect the process?
- 11 Preparing for rebuilding the program
- 12 Key program metrics
- 13 Important metrics
- 14 Phased goals
- 15 Goal phases
- 16 Gaining management support
- 17 Planning requirements
- 18 Active stakeholder participation
- 19 Working as a unified team
- 20 The importance of collaborating as one team
- 21 Discussions, not just bug submissions • Detailed meetings to discuss findings from offensive testing
- 22 Rotating work assignments and embedded liaisons
- 23 Setting expectations for stakeholders
- 24 Using organizational policy to create a need
- 25 Using compliance to create a need
- 26 The development style guide and standard libs
- 27 Style guides
- 28 Automated code scanning vs Manual reviews
- 29 Checklists set and track expectations
- 30 Conclusion
- 31 This talk is based on my O'REILLY repart available through Safari Books Online
