Artwork

Innhold levert av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
Player FM - Podcast-app
Gå frakoblet med Player FM -appen!

CCT 190: Integrating Security in Software Development - Exploring SDLC, Agile, and DevSecOps for the CISSP (Domain 8.1)

46:13
 
Del
 

Manage episode 448461196 series 3464644
Innhold levert av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

Send us a text

Unlock the secrets of integrating security within every phase of software development as we tackle Domain 8 of the CISSP exam. Our exploration begins with a deep dive into the software development lifecycle (SDLC) and its various methodologies like Agile, Waterfall, DevOps, and DevSecOps. Through a gripping tale of a Disney World IT insider's digital manipulation, we underscore the critical importance of safeguarding systems, especially when skilled employees exit the stage. This episode promises to arm you with the knowledge to fortify your organization's cybersecurity posture effectively.
We then navigate the contrasting landscapes of software development models, weighing the structured order of the Waterfall model against the adaptive flexibility of Agile and the risk-focused Spiral model. Each approach comes with its own set of challenges and benefits, particularly concerning security integration and usability. Through the lens of iterative feedback and prototype development, we highlight how these methodologies can help refine requirements and minimize ambiguities, ensuring that security and functionality walk hand in hand.
Finally, explore how the IDEAL model can transform your organization's security practices. Designed to improve cybersecurity and risk management, this structured improvement approach offers clear phases: Initiating, Diagnosing, Establishing, Acting, and Learning. We also discuss the impactful mission behind CISSP training, where proceeds support a nonprofit for adoptive children. This initiative not only enhances your cybersecurity skills but also contributes to a cause greater than yourself. Join us as we unpack these strategies, providing insights that could significantly shape your cybersecurity career.

Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!

  continue reading

Kapitler

1. CISSP Cyber Training Podcast (00:00:00)

2. Software Development Life Cycle Models (00:07:27)

3. Waterfall Model Versus Agile and DevSecOps (00:13:26)

4. Spiral Model in Software Development (00:21:05)

5. Agile Scrum and Security Integration (00:25:43)

6. Structured Improvement Model for Security (00:39:07)

7. Supporting Adoption With CISSP Training (00:44:46)

201 episoder

Artwork
iconDel
 
Manage episode 448461196 series 3464644
Innhold levert av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

Send us a text

Unlock the secrets of integrating security within every phase of software development as we tackle Domain 8 of the CISSP exam. Our exploration begins with a deep dive into the software development lifecycle (SDLC) and its various methodologies like Agile, Waterfall, DevOps, and DevSecOps. Through a gripping tale of a Disney World IT insider's digital manipulation, we underscore the critical importance of safeguarding systems, especially when skilled employees exit the stage. This episode promises to arm you with the knowledge to fortify your organization's cybersecurity posture effectively.
We then navigate the contrasting landscapes of software development models, weighing the structured order of the Waterfall model against the adaptive flexibility of Agile and the risk-focused Spiral model. Each approach comes with its own set of challenges and benefits, particularly concerning security integration and usability. Through the lens of iterative feedback and prototype development, we highlight how these methodologies can help refine requirements and minimize ambiguities, ensuring that security and functionality walk hand in hand.
Finally, explore how the IDEAL model can transform your organization's security practices. Designed to improve cybersecurity and risk management, this structured improvement approach offers clear phases: Initiating, Diagnosing, Establishing, Acting, and Learning. We also discuss the impactful mission behind CISSP training, where proceeds support a nonprofit for adoptive children. This initiative not only enhances your cybersecurity skills but also contributes to a cause greater than yourself. Join us as we unpack these strategies, providing insights that could significantly shape your cybersecurity career.

Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!

  continue reading

Kapitler

1. CISSP Cyber Training Podcast (00:00:00)

2. Software Development Life Cycle Models (00:07:27)

3. Waterfall Model Versus Agile and DevSecOps (00:13:26)

4. Spiral Model in Software Development (00:21:05)

5. Agile Scrum and Security Integration (00:25:43)

6. Structured Improvement Model for Security (00:39:07)

7. Supporting Adoption With CISSP Training (00:44:46)

201 episoder

Alle episoder

×
 
Loading …

Velkommen til Player FM!

Player FM scanner netter for høykvalitets podcaster som du kan nyte nå. Det er den beste podcastappen og fungerer på Android, iPhone og internett. Registrer deg for å synkronisere abonnement på flere enheter.

 

Hurtigreferanseguide

Copyright 2024 | Sitemap | Personvern | Vilkår for bruk | | opphavsrett