On my way to our #Dagstuhl seminar on the Empirical Evaluation of Secure Development Processes. Looking forward to an interesting and intense week of discussions! Co-organized with Laurie Williams, Sam Weber, Brendan Murphy and Steve Lipner. #SDLC
https://www.dagstuhl.de/en/seminars/seminar-calendar/seminar-details/23181

OWASP Application Security Verification Standard https://t.co/TF4Kn9dXd3 #SDLC

The person who came up with the term "WaterFragile" has definitely seen some sh*t.

#Software #SDLC #Agile #Waterfall #FOSS

#ITByte: #Software development process is the process of dividing software development work into smaller, parallel or sequential steps or subprocesses. It is also known as a software development life cycle (#SDLC).

Here is a 2-min Introduction to Software Development Lifecycle (SDLC).

https://knowledgezone.co.in/trends/explorer?topic=Dev-Methodology

I am weirdly gleeful that a book about securing python from a development standpoint exists and I get to now read it.

#Python #SDLC

As we all move over to here using things like Tusky, etc, and people are bringing up servers:

1. Is the security community helping to audit the code? 3PP scanning? Etc?

2. When there are security issues that arise in Mastodon or those apps is there a quick triage system in which a RCE or something can be patched with a relatively quick SLA?

3. I see some of the infosec people here on different servers, is there a one stop shop for all things Mastodon security related?

#SDLC #Security

“#nsa Releases Guidance on How to Protect Against Software Memory Safety Issues”
#software #appsec #cybersecurity #infosec #sdlc

https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3215760/nsa-releases-guidance-on-how-to-protect-against-software-memory-safety-issues/

Then I'll outline how to leverage component isolation and software attestation from Trusted Execution Environments to build secure distributed applications -- linking to @MykytaPetik@twitter.com's work on #DataProtection and #SDLC, and also to telecom, Edge, and IoT: https://secappdev.org/2022/public/sessions/trustedexecution.html

.@MykytaPetik@twitter.com will talk about how #PrivacyByDesign helps developers to take care of personal data processing requirements in their projects, how to implement #GDPR guidelines in an #SDLC, and how to involve DPOs and lawyers in this process: https://secappdev.org/2022/public/sessions/implementinggdpr.html

RT @Vi_Liam@twitter.com

🌐 Cartographie des acteurs étatiques de la communauté cyber française.

➡️https://bit.ly/2WsXjty

#CyberMois #ANSSI #COMCYBER #SDLC #C3N #BEFTI #DGSE #DGSI #DRSD #DRM #DNRED #Tracfin

🐦🔗: https://twitter.com/Vi_Liam/status/1189999365487763458