During our last podcast with Bill Sempf (@sempf), we were talking about how to get developers to understand how to turn a vuln into a defect and how to get a dev to understand how vulns affect the overall quality of the product.
During our conversation, the term "ASVS" came up, so we did a quick and dirty session with Bill about it. It's a security #requirements #document that ensures that projects being scoped out meet specific security requirements. This can be a valuable ally when your company is creating products or software applications. Bill explains to us this week exactly how you incorporate this into your Secure #SDLC #lifecycle.
#project #management #security #architect
Direct Link: http://traffic.libsyn.com/brakeingsecurity/sempf2.mp3
iTunes Link:
TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
Bill's BSides Columbus talk on ASVS: http://www.irongeek.com/i.php?page=videos/bsidescolumbus2015/defense00-got-software-need-a-security-test-plan-got-you-covered-bill-sempf
Bill's Blog: http://www.sempf.net
Bill's Twitter: http://www.twitter.com/sempf
BrakeSec Podcast Twitter: http://www.twitter.com/brakesec