TribeQonf2024_Dimpy_ShiftingSecurityLeft

DimpyAdhikary 134 views 17 slides Jul 23, 2024

About This Presentation

Embedding Security Throughout Agile Workflow


Slide Content

Embedding Security Throughout Agile Workflow
Dimpy Adhikary, Quality Analyst
India's Premium-most and Largest Testing Conference

Context
- Experience On Reactive vs. Proactive Security Approaches.
- Benefits of Integrating Security Into Team Culture.

Key Statistics (CrowdStrike 2024 Global Threat Report):
- +34 new adversaries
- 232 total adversaries tracked
- 75% increase in cloud environment intrusions
- 76% increase in eCrime victims on dedicated leak sites
- 110% increase in cloud-conscious cases
- 84% of cloud-conscious intrusions focused on eCrime

Agenda
- The Challenge In Reactive Security Approach
- Ways Of Shifting Security Left
- Lessons Learnt

Security Testing After Deployment
Key Challenges:
- Security Testing Is Deprived Of Needed Attention And Time.
- No Single Tool for Comprehensive Security
- In Sprint Security Testing Is Not Feasible
- Multiple Attack Surfaces
  - Microservices Level
  - Third-Party Dependencies
  - Containers
  - Cloud Infrastructure - Compliance Requirements

Shifting Security Left
- Enforcing Security Policies Early
- Using Tools And Techniques
- Continuous Monitoring
- Training And Collaboration

Feature - Email Subscription To A Daily Newsletter
- As a User, I want to Subscribe to the daily newsletter, So that I can stay updated with the latest news and updates.
- As an Attacker, I want to Exploit the email subscription feature So that I can harvest a large number of valid email addresses For spamming or selling on the black market.

The First Step - Threat Modelling
- Map the System: Identify Assets, Actors, Interactions
- Brainstorm Threats: Consider Vulnerabilities and Attack Vectors.
- Mitigate & Prioritize: Define Controls and Assess Remaining Risk.

Map The System

Security In The Code & Build Phase

Security In The Testing Phase

Security In The Monitoring Phase
- Application Activity Monitoring Tools: New Relic, Datadog, Splunk
- User Account Monitoring Tools: Okta, Auth0, Microsoft Azure AD
- Network Traffic Monitoring Tools: Wireshark, SolarWinds, Snort
- Infrastructure Monitoring Tools: Prometheus, Nagios, Zabbix
- Compliance Monitoring Tools: Tripwire, Qualys, Rapid7

Security Tools Landscape

Learnings From Shifting Security Left
- Foster Security Training And Awareness.
- Incorporate Security From The Planning Phase.
- Adopt Secure Coding Standards.
- Promote Automated Security Testing.
- Continuous Monitoring and Logging.

Happy Testing!
Dimpy Adhikary
dimpyad