
Implementing SDL and Surviving

Nov 18, 2020 12:00pm

Credits: None available.

While a secure development lifecycle (SDLC) is centered around education, it goes well beyond simply ‘how to program securely’ to include:

- Training, including an overview of the process
- Threat modeling, including both deployment and functionality
- Secure coding standards and reviews
- Testing / analysis such as static, dynamic, fuzz and penetration testing
- Supply chain security / monitoring that incorporates component tracking and build/development environment security
- Incident response to improve reaction times

This session will conclude with a discussion on how to measure your SDLC capability and maturity. As we delve into each of these areas, attendees will gain insight into what is now required to be successful with an SDLC.


