At SAFECode, we often talk about the need to look beyond the technical requirements of implementing a secure software development lifecycle and think more expansively about creating a holistic software security program that encompasses both strong technical practices and healthy business processes. Some of the non-technical aspects of managing a mature secure development program include stakeholder engagement and communication, deployment planning, program measurement, and the development of a security-supportive culture.
Developing a software security program without consideration for the people who create the software is an effort doomed to fail. Creating and fostering a security-supportive culture is essential to successfully scaling a software security program. This includes ensuring the right mix of expertise and skill level to meet an organization’s goals. Here you will find free software security training courses delivered via on-demand webcasts along with guidance on training program design and ideas for fostering a security-supportive culture.
Fundamental Practices for Secure Software Development, Third Edition
Publication
Evander Pierre, 2020-09-02T13:06:27-04:00
The Six Pillars of DevSecOps: Collective Responsibility
Publication
Scott Licata, 2020-06-19T10:20:34-04:00
New Report Offers Practical Guidance on Developing a Security-Supportive Culture for DevSecOps
Blog
Megan Cannon, 2020-06-23T11:06:26-04:00