Resource: Training and Culture Development

Developing a software security program without consideration for the people who create the software is an effort doomed to fail. Creating and fostering a security-supportive culture is essential to successfully scaling a software security program. This Includes ensuring the right mix of expertise and skill level to meet an organization’s goals. Here you will find free software security training courses delivered via on-demand webcasts along with guidance on training program design and ideas for fostering a security-supportive culture.

New Report Offers Practical Guidance on Developing a Security-Supportive Culture for DevSecOps

At SAFECode, we often talk about the need to look beyond the technical requirements of implementing a secure software development lifecycle and think more expansively about creating a holistic software security program that encompasses both strong technical practices and healthy business processes. Some of the non-technical aspects of managing a mature secure development program include stakeholder engagement and communication, deployment planning, program measurement, and the development of a security-supportive culture.

Read More