At SAFECode, we often talk about the need to look beyond the technical requirements of implementing a secure software development lifecycle and think more expansively about creating a holistic software security program that encompasses both strong technical practices and healthy business processes. Some of the non-technical aspects of managing a mature secure development program include stakeholder engagement and communication, deployment planning, program measurement, and the development of a security-supportive culture.
Developing a software security program without consideration for the people who create the software is an effort doomed to fail. Creating and fostering a security-supportive culture is essential to successfully scaling a software security program. This includes ensuring the right mix of expertise and skill level to meet an organization’s goals. Here you will find free software security training courses delivered via on-demand webcasts along with guidance on training program design and ideas for fostering a security-supportive culture.
New Report Offers Practical Guidance on Developing a Security-Supportive Culture for DevSecOps
Conway’s Law: does your organization’s structure make software security even harder?
wpengine, 2020-06-19
Software development teams: please don’t think like a hacker!
Evander Pierre, 2020-06-19
The Three Horsemen and the Culture of Software Security
Evander Pierre, 2020-06-19