Here is a list of all the content that has been tagged as hacking.
Few organisations understand the secrets of shifting the focus on security from late in the software development life-cycle to within the Development Team.
Not only does this significantly reduce the number of security defects being pushed to your production systems, but also significantly reduces the total cost of development.
Cheapest place to deal with defects There have been many studies specifically looking at the costs of finding and fixing defects early, as opposed to the planning of how to fix defects once the product is delivered, or not planning at all.
A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.
Kim will explain the roles of ’T’ shaped professionals, including placement of security champions to create your purple Development Teams.
We will work through how to implement the Sensible Security Model (SSM) within each and every Sprint, including:
Creating actionable countermeasure Product Backlog Items Integrating them into the same Product Backlog that your Development Team has been pulling business focussed items from Ordering them based on the risk ratings you create for each Kim will discuss how and where Agile Development Teams often fail, along with how to succeed with security with a familiar anecdote.
The content is aimed at software engineers to teach them how to think holistically about security. The theme that runs through the training, and the book, is pulling the security focus that’s usually left until the end of the project or “go live” right into each Sprint. Baking security into the product from the cheapest possible place. Thus saving large amounts of money due to re-work and business asset loss. Kim will be teaching attendees a very simple threat modelling process initially blue printed by one of the best security experts the world has known, Bruce Schneier, then how to apply that process to a 10,000′ view and lower for a collection of areas: