A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Estimating Development Security Maturity in About an Hour - Matt Clapham BSides Detroit 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Estimating Development Security Maturity in About an Hour
Matt Clapham

The session describes a simple method of estimating a development team’s security maturity, i.e. how well they make a secure software product, by looking at five key factors. The factors and a simple rating system will be shown coupled with real-world samples. Applicable usage scenarios as well as comparison to other security maturity models will be given. Learn how to yardstick software's secure development process quickly for triage, analysis, etc.

Matthew (Matt) Clapham makes products more secure. His career is a rare blend of both product development and enterprise operations. He is currently a Principal Product Security Leader at GE Healthcare. Matt previously worked as a Software Tester, IT Policy Author, Auditor and Security Advisor to all things games at Microsoft. He is familiar with security foibles in all software and how to overcome them. Mr. Clapham is frequent speaker and author of magazine articles on IT, security, games or some combination thereof. He holds degrees in engineering and music from the University of Michigan.

Back to BSides Detroit video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast