AppSec Decoded: Raising the security bar in DevSecOps | Black Duck

preview_player
Показать описание
Tracking the right metrics is essential in DevSecOps as it helps measure the effectiveness of your security program. Clint Gibler, head of security research at Semgrep, discusses how teams can raise their security bar with useful measurement metrics, as well as how to identify high ROI security investments for their DevSecOps program.

0:00 – Intro
0:46 – Useful measurements to consider
4:45 – High ROI security investment examples
  1. Black Duck
  2. synopsys software integrity
  3. application security
  4. software security
  5. web application security
Рекомендации по теме
AppSec Decoded: Raising 0:07:50

AppSec Decoded: Raising the security bar in DevSecOps | Black Duck

AppSec Decoded: Raising 0:08:13

AppSec Decoded: Raising the security bar in DevSecOps | Black Duck

Application Security 101 0:08:05

Application Security 101 - What you need to know in 8 minutes

AppSec Decoded: Building 0:11:58

AppSec Decoded: Building Security into DevOps Part 1 | Black Duck

AppSec Decoded: Continuous 0:09:08

AppSec Decoded: Continuous Dynamic

AppSec Decoded: Reaching 0:10:42

AppSec Decoded: Reaching DevSecOps maturity | Black Duck

AppSec Decoded: Software 0:11:17

AppSec Decoded: Software Vulnerability Snapshot takeaways

AppSec Decoded: Key 0:02:55

AppSec Decoded: Key findings from the 2021 OSSRA report | Black Duck

AppSec Decoded: Get 0:15:18

AppSec Decoded: Get the most out of your open source software | Black Duck

AppSec Decoded: Reducing 0:11:28

AppSec Decoded: Reducing the risk of ransomware | Black Duck

Learn Application Security 0:05:53

Learn Application Security in 5 Minutes | EC-Council CASE (Certified Application Security Engineer)

AppSec Decoded: What 0:03:15

AppSec Decoded: What is driving DevSecOps Adoption? | Black Duck

Understanding The Fundamentals 0:09:41

Understanding The Fundamentals of API Security | How APIs are Attacked and How to Secure Them

AppSec Decoded: Addressing 0:09:13

AppSec Decoded: Addressing NIST guidelines begins with understanding your risk profile | Black Duck

AppSec Decoded: Takeaways 0:08:18

AppSec Decoded: Takeaways from the 2022 “Software Vulnerability Snapshot”report | Black Duck

AppSec Decoded: Strategies 0:04:12

AppSec Decoded: Strategies for identifying and preventing malicious code in your SDLC | Black Duck

TAC Security CEO 0:04:13

TAC Security CEO Trishneet Arora Explained Next-Gen Vulnerability Assessment - ESOF AppSec

Shifting Knowledge Left: 0:50:51

Shifting Knowledge Left: Keeping up with Modern Application Security

AppSec Decoded: Methods 0:07:11

AppSec Decoded: Methods and tools for SBOM generation | Black Duck

Decoding OWASP Top 0:07:50

Decoding OWASP Top 10: A Pentester's Guide

Web application security: 0:56:25

Web application security: 10 things developers need to know

What is API 0:13:39

What is API Security? | AppSec 101

What Is Dynamic 0:19:41

What Is Dynamic Application Security Testing (DAST)? | AppSec 101

AppSec Decoded: Achieve 0:09:08

AppSec Decoded: Achieve frictionless AppSec for developers with Polaris | Black Duck