Getting Started with SDL

Presented by

Steven B. Lipner, CISSP, Executive Director, SAFECode

About this talk

The security development lifecycle (SDL) process is the “gold standard” used by large software development organizations to deliver secure software. But what about the rest of us? What if, instead, you work in a small-to-midsized dev shop lacking the resources of larger organizations? Good news! SDL is for you too -- and it doesn’t have to break the bank. There are a variety of approaches and free resources that can help smaller organizations create effective SDL programs. With management commitment to SDL fundamentals, and an investment of resources proportional to the size of the development organization and its products, it's possible for smaller organizations to get started and build an effective SDL program that delivers software that customers will find secure.

Learning Objectives:
• Create a plan for rolling out an SDL program in their organization, know what management and stakeholder buy-in they need, and get moving on implementing an SDL.
• Access a variety of free and affordable resources to help create and sustain an SDL program.
• Recognize and address secure development concerns of importance to smaller organizations and ways that they can address those concerns.

The (ISC)² Security Congress channel contains digital content from activities at (ISC)²'s flagship conference event. You'll find keynotes, sessions and related items.