It’s an unfortunate truism that many good developers are bad at software security. They cling to the belief that security is something you can just buy and bolt on, but that’s not the case. It’s not that developers want to be bad at security, they just don’t know where to start and where they should go. This video offers a clear route. It begins with a high level overview of today’s security threats and the organizational strategies used to counter those threats; it details the roles that SSG members, developers, testers and operations personnel must perform in a security focused SDLC; and finishes with a survey of the protocols, tactics, and tools used to optimize security at the physical, network, application, and perimeter levels.
Brian Sletten is a software engineer who focuses on security consulting, web architecture, resource-oriented computing, social networking, the Semantic Web, data science, 3D graphics, visualization, scalable systems, and other technologies. He has experience in retail, banking, online games, defense, finance, hospitality and healthcare.