Cyber Roulette: Playing with Digital Risks

Description

Don’t roll the dice on dealing with digital risk! Dive into the world of secure applications with  Farshad Abasi’s savvy software testing methods.

Discover how adopting DevSecOps best practices like enlisting security champions within your dev teams can scale your security practices.

Learn the strategies small and medium-sized companies can adopt to efficiently address application security without the need for full-time AppSec hires. Master how to balance AppSec and Development with the 80-20 rule.

Get all this juicy information and more on this very exciting episode. Tune in today!

Highlights from the episode

• Effective software testing methods to protect your apps
• A comprehensive deep-dive into threat scenarios
• The benefits of following the OWASP framework
• How DevSecOps can redefine your approach to security

“Threat modeling and code review. You’ve got to do all four of those, and most people are only doing one.”

“Assessing vulnerabilities and performing comprehensive threat modeling is essential. It’s not just about individual weaknesses; you must consider how these holes in your system can be exploited by attackers across different layers. Neglecting this holistic approach may leave you vulnerable to basic attacks, as seen in the Capital One case.”

“Tools play a significant role. In the realm of software security, it's possible to integrate static analysis into your development pipeline. This way, as your developers commit code, a fundamental layer of security is applied to the source code.”