Tanya Janca

AMA: DevSecOps versus Secure SDLC


In a recent 'Ask Me Anything' live stream, Tanya Janca of We Hack Purple discusses 'DevSecOps versus Secure SDLC'. This video is approximately 2.5 minutes.

  • DevSecOps is you as an AppSec professional, doing your job, in a DevOps environment.
  • A secure SDLC is when you add security activities to your system development lifecycle, preferably in every phase of the SDLC, and formalized (devs cannot avoid it).
  • Examples of secure SDLC activities:
      - Threat modelling during design
      - Adding security requirements & review during requirements gathering
      - Reviewing your design for security flaws and to ensure secure design concepts are applied

Then Tanya gets off topic and talks about We Hack Purple.


For this and more, check out my book, Alice and Bob Learn Application Security and my online training academy, We Hack Purple!


Top comments (2)

Gadi Naor

The title !!!! and the observations on the differences between the two topics - really liked it.

You might find these Kubernetes tools useful

Tanya Janca

Thank you! :-D
