Sign up to save your podcasts
Or
Share Threat Modeling and (Extreme) Shift Left with Anderson Dadario
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Threat Modeling and (Extreme) Shift Left with Anderson Dadario
Web Security Dev Academy WAITING LIST: http://links.dev-academy.com/b8F
Secure your spot and receive exclusive bonuses 🎉
In this conversation, Anderson Dadario, the founder of DevOps.security, discusses the importance of integrating security into the software development process. He explains the differences between traditional DevOps and DevSecOps, emphasizing the need for security by design and shifting security left in the development cycle. Anderson also provides insights into conducting a threat modeling exercise for a web application, identifying potential risks, and implementing mitigation techniques. He highlights the importance of understanding the business requirements and balancing security measures with the risk appetite of the company. Additionally, he suggests quick wins for developers to integrate security into their DevOps workflow. The conversation covers different approaches to threat modeling, common security vulnerabilities for developers, spectacular exploitation situations, and final thoughts and resources.
Takeaways
Connect with Us:
Bartosz:
- https://github.com/bartosz-io
- https://twitter.com/bartosz_io
- https://www.linkedin.com/in/bpietrucha
Anderson:
- https://www.linkedin.com/in/andersondadario/
- https://devops.security/
Thank you for tuning in to the Dev Academy Podcast. Enhance your web security insight with us as we explore the fascinating world of technology with industry experts.
#DevSecOps #WebSecurity #SoftwareDevelopment #ThreatModeling #CyberSecurity #SecurityByDesign #DevOpsSecurity #SecureCoding
View all episodes
By Bartosz | Dev AcademyWeb Security Dev Academy WAITING LIST: http://links.dev-academy.com/b8F
Secure your spot and receive exclusive bonuses 🎉
In this conversation, Anderson Dadario, the founder of DevOps.security, discusses the importance of integrating security into the software development process. He explains the differences between traditional DevOps and DevSecOps, emphasizing the need for security by design and shifting security left in the development cycle. Anderson also provides insights into conducting a threat modeling exercise for a web application, identifying potential risks, and implementing mitigation techniques. He highlights the importance of understanding the business requirements and balancing security measures with the risk appetite of the company. Additionally, he suggests quick wins for developers to integrate security into their DevOps workflow. The conversation covers different approaches to threat modeling, common security vulnerabilities for developers, spectacular exploitation situations, and final thoughts and resources.
Takeaways
Connect with Us:
Bartosz:
- https://github.com/bartosz-io
- https://twitter.com/bartosz_io
- https://www.linkedin.com/in/bpietrucha
Anderson:
- https://www.linkedin.com/in/andersondadario/
- https://devops.security/
Thank you for tuning in to the Dev Academy Podcast. Enhance your web security insight with us as we explore the fascinating world of technology with industry experts.
#DevSecOps #WebSecurity #SoftwareDevelopment #ThreatModeling #CyberSecurity #SecurityByDesign #DevOpsSecurity #SecureCoding