Software rotting and why you need to change your approach to security | With Giulio Vian
A new phenomenon stands out in recent years: security must pervade the entire software development lifecycle. Except it isn’t. The current generation of processes and tools is lacking crucial features to properly manage modern security risks.
Think of the Log4J event. Were you able to identify all affected components? Were they internally developed, or did you need vendor support? How fast were you able to deliver a fix?
In this talk we’ll explore the challenges, what you can do with current tools, and which gaps should be addressed by communities through better practices and new tools.