In this episode, Donn talks with Glenn Leifheit from Microsoft about a concept known as “Secure Development Lifecycle”. Glenn is a Senior Security Program Manager at Microsoft.
Glenn explains to you what the secure development lifecycle is, how it works and how you can implement something like this in your company. He also shares the top tips you can implement in order to get the quickest benefit of the Secure Development Lifecycle
Links from the show
- Application Inspector: GitHub
- DevSkim: GitHub
- Attack Surface Analyzer: GitHub
- OSS Gadget: GitHub
- Recursive Extractor: GitHub
- Microsoft SDL: Microsoft Security Development Lifecycle
- CodeQL: CodeQL for research | GitHub Security Lab
- OWASP: OWASP Foundation | Open Source Foundation for Application Security
- OWASP Top 10: OWASP Top Ten Web Application Security Risks | OWASP
- OWASP Web Security Testing Guide: OWASP Web Security Testing Guide
- Python basic code analysis: Pylint – code analysis for Python | www.pylint.org
- TypeScript basic code analysis: GitHub – typescript-eslint/typescript-eslint: Monorepo for all the tooling which enables ESLint to support TypeScript
Find Glenn online here
Donn’s Free E-Book on Freelancing
Contact
- @fragmentedcast or our Youtube channel
- @donnfelker and donnfelker (on Instagram)
- Freelancing for Mobile Developers (Donn’s YouTube)
- kaushikgopal (on YouTube) or blog.kaush.co or @kaushikgopal
Disclaimer: Many of the links we share to products are affiliate links. They help support the production of Fragmented. Thank you for your support.