This talk is based on my O'REILLY report available through Safari Books Online
YouTube videos curated by Class Central.
Classroom Contents
The Insecure Software Development Lifecycle - How to Find, Fix, and Manage
- 1 Intro
- 2 The Status Quo of Software Development Lifecycles
- 3 Understanding Stakeholders and Existing Processes
- 4 Project Managers are EPIC assets
- 5 QA and DevOps
- 6 Customers/End-Users
- 7 Analyzing existing processes
- 8 Document the gap analysis
- 9 How does security affect the stakeholder?
- 10 How does security affect the process?
- 11 Preparing for rebuilding the program
- 12 Key program metrics
- 13 Important metrics
- 14 Phased goals
- 15 Goal phases
- 16 Gaining management support
- 17 Planning requirements
- 18 Active stakeholder participation
- 19 Working as a unified team
- 20 The importance of collaborating as one team
- 21 Discussions, not just bug submissions • Detailed meetings to discuss findings from offensive testing
- 22 Rotating work assignments and embedded liaisons
- 23 Setting expectations for stakeholders
- 24 Using organizational policy to create a need
- 25 Using compliance to create a need
- 26 The development style guide and standard libs
- 27 Style guides
- 28 Automated code scanning vs Manual reviews
- 29 Checklists set and track expectations
- 30 Conclusion
- 31 This talk is based on my O'REILLY report available through Safari Books Online