Episode notes
On this episode of CISO Tradecraft, you can learn how to build an Application Security program.
- Start with Key Questions for
  - Security
  - IT Operations
  - Application Development/Engineering Groups
- Identify Key Activities
  - Asset Discovery
  - Asset Risk Prioritization
  - Mapping Assets Against Compliance Requirements
  - Setting up a Communications Plan
- Perform Application Security Testing Activities
  - SAST
  - DAST
  - Vulnerability Scanners
  - Software Composition Analysis
  - Secrets Scanning
  - Cloud Security Scanning
- Measure and Improve Current Vulnerability Posture through metrics
  - The number of vulnerabilities ...