In a recent 'Ask Me Anything' live stream, Tanya Janca of We Hack Purple discusses 'DevSecOps versus Secure SDLC'. This video is approximately 2.5 minutes.
- DevSecOps is you as an AppSec professional, doing your job, in a DevOps environment.
- A secure SDLC is when you add security activities to your system development lifecycle. Preferably in every phase of the SDLC, and formalized (devs cannot avoid it).
- Examples of secure SDLC:
  - Threat modelling during design
  - Adding security requirements & review during requirements gathering
  - Reviewing your design for security flaws and to ensure secure design concepts are applied
Then Tanya gets off topic and talks about We Hack Purple.
—
For this and more, check out my book, Alice and Bob Learn Application Security, and my online training academy, We Hack Purple!
Top comments (2)

Gadi Naor
The title !!!! and the observations on the differences between the two topics - really liked it.
You might find these Kubernetes tools useful

Tanya Janca
Thank you! :-D