8      0

(ISC)² Security Congress 2021 - Career Center & Recordings

1778606 - Creating a virtual first line of defence for secure software development


Oct 18, 2021 2:45pm ‐ Oct 18, 2021 3:45pm



Credits: None available.

Description

This session sets out an approach that combines the security, IT risk and assurance domains to create a sustainable secure software development process. The approach first defines a set of common audit controls and designs them into the process, where they can be inherited by every change. Then it defines a set of tailored controls to satisfy the security requirements of each of the changes that flow through the process. Finally, it creates a virtual-first line of defense, ensuring that as the change flows through the process,security requirements are met and common audit controls are inherited, resulting in every change passing through the development process being secure, compliant and authorized.

Learning Objectives:
  • Define a set of common audit controls to satisfy the audit requirements of each phase of the software development process.
  • Define a set of tailored baseline controls to satisfy the security requirements of each development change.
  • Use a process integrity tool to create a virtual first line of defence that designs these controls into the software development process and manages there day-to-day execution.

Speaker(s):

Tags: Intermediate

Credits

  • 1.00 - CPE

You must be logged in and own this session in order to post comments.