Time
35 hours 10 minutes
Difficulty
Advanced
CEU/CPE
8

Video Transcription

00:01
greetings and welcome back to Cy Berries Comp TIA Certified Advance secreted Practice nous certification Preparation course.
00:11
We'll continue our discussion of margin on the six, which is tired of security development.
00:16
Here again are the objectives, which encompasses margin on the sixth.
00:20
However, at this point in time, we're gonna fool. Start teaching on discussion. Off
00:24
Section two will just tired understand requirements for software development.
00:29
Again, we are looking at Section two.
00:32
But before we get going, let's take a look at this pre assessment question,
00:36
and the question is as follows.
00:38
Blank plays a major role in providing security
00:41
as a major sources created problems. Is it a risk management?
00:46
Be software, See SQL injection or D click jacking.
00:52
If you said Let that be your absolute correct is called software.
00:59
Let's not turn our attention toward discussion of software security.
01:03
Obviously, as a future certified a van security practitioner, you need to understand
01:08
and let me be aware of the various
01:11
issues dealing with software security.
01:14
You need to understand the road at Subway place, particularly in terms of providing security, and it's also as a source of what we call insecurity
01:23
what we started to see nowadays minute of future programmers
01:26
gonna have little training on software security
01:30
and opposite and software company.
01:33
That should be the goal. Security. Not so much, is making sure that application on program works, but we need to make sure that it's his cure application as well.
01:42
We focus on suffer security, but don't forget that security is about many things We're talking about people, human computers, interaction, Attackers uses implore, ease, system at me in the West, programmers, we also to think about access control passwords, biometrics
01:57
mantra, inordinate risk manager
02:00
policy legislation,
02:02
public relations and, well, is public perception. So when you think about someone, security, we have to realize is very, very important. Nowadays we look at principal method to end. Technology makes someone much more secure practical experience with some of these. Also, many of you may have some practical experience dealing with the various
02:21
vulnerable of different types of software. And off she may. Perhaps you came out ways to derive ways of put together
02:27
proactive way. So what? So as to mitigate those vulnerabilities, typical threats of our business software and how to avoid them. Obviously, as a futures certified investigated practice that you need to be aware of the very stress of vulnerabilities that exists, and you also need to come up with ways practical ways so as to how to or what to aboard them.
02:46
We come to interesting term call software Assurance, not suffer Insurance is defined as the level confidence that software's free from bone abilities either intentionally designed into the software or accidentally and soda at any time during its life cycle, and that the software function in the intendant manner.
03:04
We look at software. Other words Secure Dev ops. It is a process of integrated security development, best practices and methodologies into development and deployment processes, which death up. Makes possible is a term used to describe death about practice that includes security checks and reviews to
03:22
out the software production pipeline.
03:24
What you do at this point, you wanna integrate the actual security into your dev up off so it can be very challenging.
03:34
Not when you look at def up. There are some advantages. You have greater speeding again agility for security teams
03:42
provide your ability to respond to challenge and needs more rapidly. Better collaboration and communication among your team's more opportunity for automated bills and quality assurance, like testing early identification of vulnerably and Cole's. These attempts the advantage of what we call dep dep security up
04:00
type
04:01
processes.
04:03
This raises to review. Doing this president's we learned that software shares is defined as a level confidence that the song was free from bone abilities, either intentionally designed into software or accident inserted at any time. We learned that software plays a major role in providing security and is also a major source of security problems
04:21
we also learned is soft on security
04:24
does not get get that much attention because what we're starting to see that in the past, where we even nowadays, a lot of time, many of your future programs have little or no training on software security and software security opposite. Nowadays, software security should be an important component of any application
04:41
that any vendors to put at the owner market. Nowadays,
04:46
in our upcoming video, we continue our discussion of section number to understand with crimes of software development.
04:51
Look for to seeing you in a very next video

Up Next

CompTIA CASP+

In this CASP+ certification course, you will learn all of the domains and concepts associated with the CompTIA Advanced Security Practitioner CAS-003 CASP+ Exam. Through this course you will be fully prepared to sit for your CompTIA CASP+ Exam!

Instructed By

Instructor Profile Image
Jim Hollis
Independent Contractor
Instructor