20 for 2020: Mind Your Own Business

(Development Security Operations)

Originally from David’s Linkedin:

Ch 18 of Tetra Defense’s #20for2020: “Mind Your Own Business”

Way back in chapter 3, we talked about continuous vulnerability management, a critically important part of your information security program.

Today, we build on that by adding in the concept of #devsecops, or development security operations. The idea here is that in order to ensure the cybersecurity of applications you develop in-house, you need to apply the same level of rigor to them as you do to the applications and software you purchase from vendors (i.e. minding your own business!).

You can achieve this by encouraging your developers to employ secure coding practices, ensuring that developers have access to current resources & training around that topic, and by continuously monitoring the performance of, and updating, the software you develop.

Finally — Michael Young — this one’s for you. Go Crew.

Check out the rest of the 20 for 2020 video series: