Top 5 Reasons Why Effective SDLC Security Controls Are So Difficult скачать в хорошем качестве

Top 5 Reasons Why Effective SDLC Security Controls Are So Difficult

DevOps has been around for more than a decade. However, security teams still struggle to react to the drastic changes it brought to the SDLC. The influx of tooling needed to facilitate DevOps also brought with it added attack surface, complexity and a lack of visibility; all of which have left security teams on their heels. Attackers have taken notice and shifted their attack priorities from production environments to the software delivery pipelines that build those applications. Interestingly, the techniques used to cause software supply chains are frequently less sophisticated than we see elsewhere in security. Often, breaches occur because the basics of security, such as enforcing separation of duties and least privilege, aren’t properly implemented across the SDLC. It turns out that implementing consistent security controls in modern software development environments can be a big challenge. In this webinar you’ll learn: Why security struggles to keep up with the pace of engineering Why effective security controls are so hard to implement across the SDLC How security teams can harden their tooling against software supply chain attacks