Security Tsunami! SDL Fundamentals and Where to Start

 

By: Tania Skinner, Intel

There are 10,000 and one things you can do when it comes to secure software development.

Understanding the fundamentals of secure development and where to start is the message I delivered to an audience of software quality engineers, developers, testers and more at the Pacific Northwest Software Quality Conference (PNSQC). My technical presentation titled “Security Tsunami! SDL Fundamentals and Where to Start” was delivered October 8, 2018 in Portland, Oregon.

Establishing secure software development practices can be intimidating for companies. The presentation highlighted how to make this process easier by breaking secure software development into a few essential steps. A healthy, secure development program is an ever-evolving suite of skills, tools, and processes coupled with an intricate understanding of an organization’s capabilities, culture, and appetite for risk. The presentation was based on secure development practices that have been effective in improving software security in real-world implementations from our SAFECode member companies, across diverse product lines and various development methodologies.

Listen to my podcast about Fundamental Secure Software development here.

For those who couldn’t attend my presentation but are still interested in learning about secure software development, SAFECode provides a great set of best practices documents and online training. Download the Fundamental Practices for Secure Software Development, Third Edition here and learn how to establish a secure software development lifecycle.