EPISODE · Jun 4, 2024 · 12 MIN

Securing Software Development: From SSDLC to Third-Party Risks

from The ITSM Practice: Elevating ITSM and IT Security Knowledge · host Luigi Ferri

In this episode of 'The ITSM Practice' podcast, Luigi Ferri delves into the critical aspects of Secure Software Development Lifecycle (SSDLC), highlighting the shift from traditional SDLC to Security-by-Design. Through expert insights, the discussion covers the integration of security at every development phase, the role of third-party risk assessments, and the benefits of frameworks like NIST SSDF. The episode also emphasizes the necessity of cultural change within organizations to prioritize security in software development, offering practical advice for enhancing security postures against sophisticated threats.

In this episode, we answer:

- How critical is the importance of the Secure Software Development Lifecycle in today's tech-driven environment?
- What steps can organizations take to evolve from Traditional SDLC to Security-by-Design?
- How can organizations manage risks associated with third-party components in software development?

Resources Mentioned in this Episode:

- Snyk, article "Secure Software Development Lifecycle (SSDLC)", link https://snyk.io/learn/secure-sdlc/
- HackerOne, article "What Is the SSDLC (Secure Software Development Life Cycle)?", link https://www.hackerone.com/knowledge-center/what-ssdlc-secure-software-development-life-cycle
- Synopsys, article "Secure SDLC", link https://www.synopsys.com/blogs/software-security/secure-sdlc.html
- Vulcan, article "SDLC and secure coding practices: the ultimate guide for 2024", link https://vulcan.io/blog/secure-sdlc-best-practices/

Connect with me on:

- LinkedIn: https://www.linkedin.com/in/theitsmpractice/
- Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

- Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
- Graphics by Yulia Kolodyazhnaya

Frequently Asked Questions

How long is this episode of The ITSM Practice: Elevating ITSM and IT Security Knowledge?

This episode is 12 minutes long.

When was this The ITSM Practice: Elevating ITSM and IT Security Knowledge episode published?

This episode was published on June 4, 2024.
