A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Code Hedgehogs - Changing the "S" in SDLC to Secure - Penelope Rozhkova OISF 2021 (Hacking Illustrated Series InfoSec Tutorial Videos)

Code Hedgehogs - Changing the "S" in SDLC to Secure
Penelope Rozhkova

Secure Software Development is a shift-left effort aiming to identify security vulnerabilities early on in the development lifecycle. The take-aways for this talk will be ideas on how to engage developers in shifting the security posture of their organizations through secure coding with a simple analogy, concrete steps at each phase of the SDLC, and fun ways to learn how to do it. We will begin with a quick review on how to integrate secure coding at each step of the Software Development Life Cycle. Next we will discuss the top application vulnerabilities and mitigation techniques to defend against known attacks. Then we will also discuss the three approaches to threat modeling. Finally we will wrap things up with recommendations on how to try your hand on the other side through gamified Red Team challenges where coding skills give you a decided advantage.

Penelope Rozhkova is an experienced CyberSecurity Professional and an avid learner passionate about all things cyber. She has two Bachelor's and a Master's in other fields, and now a degree in Cyber Security & Information Assurance. She is active in the Black Hills Information Security community where she has been appointed to their "Friends of BHIS" designation, lovingly known as the Nerd Herders. You might even stumble upon cameo appearances on their newscast or Back Doors & Breaches demos found on YouTube or Twitch. An educator at heart, she is excited to share her expertise with audiences whenever given the opportunity. Penelope has CompTIA Security+ and CySA+ certifications and most recently was an adjunct instructor at Northern Kentucky University's NSA/NSF GenCyber Camp.


Back to OISF 2021 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast