AMA: DevSecOps versus Secure SDLC

Ask Me Anything Live Streams at SheHacksPurple.dev!

In a recent ‘Ask Me Anything’ live stream, Tanya Janca of We Hack Purple discusses ‘DevSecOps versus Secure SDLC’. This video is approximately 2.5 minutes.

  • DevSecOps is you as an AppSec professional, doing your job, in a DevOps environment.
  • A secure SDLC is when you add security activities to your system development lifecycle. Preferably in every phase of the SDLC, and formalized (devs cannot avoid it).
  • Examples of secure SDLC

-Threat modelling during design

-Adding security requirements & review during requirements gathering

-Reviewing your design for security flaws and to ensure secure deign concepts are applied

For this and more, check out my book, Alice and Bob Learn Application Security and my online training academy, We Hack Purple!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store