#buildsecurityin search results

Secure coding from the ground up: Embrace DevSecOps principles and integrate security testing throughout the software development lifecycle. #ShiftLeftSecurity #BuildSecurityIn

We invite you to present your ideas at #SecConf2023. Show the world the change that can be made when security and development come together. Submit your talks by 7th August #JoinTheShift #BuildSecurityIn Submit here: forms.gle/rbHQSKPAwiVVCC… secconf.org

Submit your talks here: forms.gle/2DB6vqc1xSN7Hw… Spread the word and encourage your colleagues to submit their ideas as well. For any queries reach out to us on [email protected] #thoughtworksindia #thoughtworks #buildsecurityin #security

Kudo’s to Google + Google Chrome engineering and development teams #securityfirst U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency #buildsecurityin #devsecops lnkd.in/dJmU-WwU

Our Build Security In journey - cybersecurity work is never done, but teams across Comcast are now working in this way. #BuildSecurityIn #CreateTheFutureWithUs lightreading.com/security/cyber…

Interested in security? don't miss this event, well known international speakers and event is free. #SecConf #security #BuildSecurityIn #infosec #cybersecurity #event #informationsecurity lnkd.in/gYrrqZ4S

3. Trying to achieve “security through inspection”: #BuildSecurityIn

Yikes - but denying reality doesn't change it. Must accept this and then figure out how to deal with it. darkreading.com/application-se… #cybersecurity #buildsecurityin #OpenSource Nice reporting by @roblemos

#buildsecurityin from concept to delivery #softwaresecurity #DevSecOps #threatinformed #threatmodeling

Absolutely! We realized that it is futile to try and achieve “quality through inspection” in the last century. Security is no different! #BuildSecurityIn

I never buy a product with “QC Tested” or other quality control stickers. Good luck trying to improve quality though a final inspection! Inspection is too late. The quality, good or bad, is already in the product. Security is no different! #BuildSecurityIn #Deming

“Cease dependence on inspection to achieve quality. Eliminate the need for inspection on a mass basis by building quality into the product in the first place.” is a well-known adage in #quality circles - #security is no different. #BuildSecurityIn

Concerned about the latest round of cyber-attacks and breaches in critical systems? Check out my latest article: The Mysterious Disappearance of Systems Security Engineering linkedin.com/pulse/mysterio… via @LinkedIn #BuildSecurityIn #SystemsEngineering #SecurityEngineering #Assurance

Great talk from Ron Ross, Fellow at NIST. #NISTCyber #DevSecOps #BuildSecurityIn #ZeroTrust He covers the multi-dimensional aspects of cybersecurity complexity that we currently all face. The traditional cybersecurity hygiene, or the things "above the waterline", 1/x

It's time for a strategic cybersecurity reset to focus our attention "below the waterline." This presentation at the 2020 CLASS Cyber Retreat covers zero trust, DevSecOps, and systems security engineering. youtu.be/CMDUFzVU0K0 #NISTCyber #DevSecOps #BuildSecurityIn #ZeroTrust

Exciting talk on PROactive controls today #CodeMash @manicode #buildsecurityin

RT ronrossecure: The warning signs are everywhere. Identify critical and high value assets ASAP. Protect using state-of-the-practice systems security engineering methods, security design principles, and cyber resiliency techniques. #BuildSecurityIn #NIST…

Thinking out of the box. Considering a new NIST guideline on how to apply the systems security engineering concepts from SP 800-160, Vol. 1 to Agile and DevOps development environments. Protect at the speed of industry. Simplify. Innovate. Automate. #NISTCyber #BuildSecurityIn

#buildsecurityin from concept to delivery #softwaresecurity #DevSecOps #threatinformed #threatmodeling

I never buy a product with “QC Tested” or other quality control stickers. Good luck trying to improve quality though a final inspection! Inspection is too late. The quality, good or bad, is already in the product. Security is no different! #BuildSecurityIn #Deming

To take maximum advantage of AI and machine learning tools, they must be implemented on a secure platform. If adversaries own your system or device, they can also corrupt the data generated from those tools--giving decision makers bogus information. #BuildSecurityIn #NIST800160

Intuit hosted @owasp last night in our second South Bay @Meetup along with @tooolsf and the @netflix security team. We had attendees from @NASA @Intuit @synopsys @amazon @whitehatsec @jpmorgan @PaloAltoNtwks and @IBM #owasp #security #buildsecurityin #swsec #hackers

Save the date! #IEEESecDev 2020 will be held at Georgia Tech in Atlanta, GA in September! Are you going this year?! #buildsecurityin @yiskande @ieeesecdev secdev.ieee.org

NIST retired its security SDLC publication, SP 800-64. NIST SP 800-160 will replace the previous publication. Focus is on security design principles and integrating security into a systems life cycle process. csrc.nist.gov/publications/d… #BuildSecurityIn #SystemsSecurityEngineering

Breaking: NIST releases final draft of SP 800-160, Volume 2, Developing Cyber Resilient Systems. Formal announcement this afternoon at the Billington Cybersecurity Summit in Washington, DC. go.usa.gov/xV8xK #NISTCyber #ProtectHVAs #BuildSecurityIn

Three simple reasons to adopt a DevSecOps approach: (1) We need to innovate at the speed of commercial industry; (2) We need to protect what we build; (3) We need to trust what we deploy. #NISTCyber #BuildSecurityIn #TrustButVerify #AssuranceMatters #NIST80053Rev5 #NIST800160

Already planning for the next Systems Security Engineering guideline, NIST 800-160 Vol. 3–Software Assurance. The adversaries are relentless; but so are we.... #NISTCyber #ProtectTheVote2020 #BuildSecurityIn #NIST800160 #ProtectCriticalInfrastructure

RT ronrossecure: Already planning for the next Systems Security Engineering guideline, NIST 800-160 Vol. 3–Software Assurance. The adversaries are relentless; but so are we.... #NISTCyber #ProtectTheVote2020 #BuildSecurityIn #NIST800160 #ProtectCriticalI…

New SSE Initiative: NIST will be exploring different approaches to incorporate security design concepts and principles in SP 800-160 into DevOps and Agile development environments. Simplify. Innovate. Automate. doi.org/10.6028/NIST.S… #BuildSecurityIn #TrustedAgile #SecureDevOps

The warning signs are everywhere. Identify critical and high value assets ASAP. Protect using state-of-the-practice systems security engineering methods, security design principles, and cyber resiliency techniques. #BuildSecurityIn #NIST800160 #ProtectHVAs stripes.com/news/us/americ…

GCTC-Smart & Secure Cities and Communities Challenge Public Safety SuperCluster & Cybersecurity Wkshp 10/29-30. Keynote: Security & Risk Management on #IoT Smart City @ronrossecure NIST Fellow go.usa.gov/xPjzE #GCTC_SC3 #BuildSecurityIn #SecureCities #CyberResiliency

We developed a slide presentation on the new NIST Cyber Resiliency guideline (SP 800-160, Volume 2). Great vehicle to introduce key cyber resiliency concepts to senior leaders and their staff. go.usa.gov/xVNQr #NISTCyber #ProtectCriticalAssets #BuildSecurityIn #NISTNextGen

RT ronrossecure: Forbes article highlights two NIST publications dedicated to building trustworthy, secure, cyber resilient systems. An absolute imperative to protect high value assets/critical infrastructure. forbes.com/sites/forbeste… #BuildSecurityIn #S…

Cyber resiliency concepts can be applied to new systems development and the 95% of legacy systems that are part of the installed base. Protect critical data and programs from the APT. NIST 800-160, Vol. 2 (FPD) on September 4. linkedin.com/posts/ronrosse… #NISTCyber #BuildSecurityIn

For those unable to attend the Billington Cybersecurity Summit, CSPAN provided this video of the opening ceremonies which included the announcement of NIST SP 800-160, Vol. 2--Developing Cyber Resilient Systems. c-span.org/video/?463941-… #NISTCyber #ProtectHVAs #BuildSecurityIn