Learn how to identify the risks within your applications.
- One of the core tenets of security…especially in a software development shop…is understanding and mitigating your risks.…An entire course could be devoted to risk management…for software teams.…But for this course,…let's take a quick look at the basics.…While I would like to convince you…that you should test every possible scenario…on every release,…the reality is that this isn't possible in most businesses.…
There just isn't enough time in the day…to write or execute every test.…If you could write them all,…execution then becomes an issue for most teams…as long build and development cycles…are really an anti-pattern in today's processes.…To address this problem,…focus on the high-risk areas…and determine where to get the most reward.…You'll see an immediate value…from automating the mitigations and testing…for these high-risk areas on each release.…
You will have immediate feedback…to your team and stakeholders…that the software you are delivering…is not exposing you to these risks…or at the very least not increasing your exposure.…
AuthorFrank P Moley III
- Understanding attackers and risks
- Documenting your risks
- Issues related to web client–server interactions
- Issues related to thick app and client–server interactions
- Authorization and cryptography issues
- Implementing security in each phase of the software development life cycle
Skill Level Beginner
What you need to know1m 35s
1. Security and Risk Overview
2. Web Client Server Interaction Code Issues
3. Thick App and Client-Server Interaction Issues
4. Crypto and Security Misuse Issues
5. Security in the SDLC
Next steps2m 10s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.