上传者: testvaevv
|
上传时间: 2021-08-07 14:00:18
|
文件大小: 969KB
|
文件类型: PDF
越来越多的软件企业已经意识到安全的重要性,但由于缺乏安全方面的知识和资源,软件安全的落地仍困难重重。本议题从一些容易实现的安全措施的入手,讲解如何在一个软件企业中实施一个安全项目来提高软件的安全质量。
Vulnerabilities
Adhoc solution
Cost to fix these issues
RnD’s voice to security
RnD’s impression to security guys
RnD’s expectation to security guys
Security guys’ challenge
Security as a quick start
Create security bug type
Security user story
Security dashboard
So evolve
Security program
Security awareness training
Security release criteria
Threat modeling and security design review
Security assessment
Risk response
Apply what you learnt today
To be continued