Implementing SDL and Surviving

November 18, 2020 – 10:45AM EST

While a secure development lifecycle (SDLC) is centered around education, it goes well beyond the simple ‘how to program securely’ to include:
– Training, including an overview of the process
– Threat modeling, including both deployment and functionality
– Secure coding standards and reviews
– Testing / analysis such as static, dynamic, fuzz and penetration testing
– Supply chain security / monitoring that incorporates component tracking and build/development environment security
– Incident response to improve reaction times

This session will conclude with a discussion on how to measure your SDLC capability and maturity. As we delve into each of these areas, the attendee will gain insights into what is now required to be successful with an SDLC.

Learning Objectives

  • Discover the elements and definitions of the currently evolved secure development lifecycle (SDLC) you need to succeed.
  • Understand how to track the evolving SDLC, since a static one often spells doom.
  • Be introduced to usage and deployment models to determine threats and mitigate them appropriately during the development process.

Michael F. Angelo

Chief Security Architect, Micro Focus Corporation
