Post Content
The secure software development cycle (SDLC) emphasizes integrating security at every stage of development, rather than as an afterthought. In this episode of the Armchair Architects (part of the Azure Essentials Show), our trio of architects discuss key points of SDLC, including the concept of shift left, secure by design, training and tools, and AI assistance. In this video, you’ll also hear them discuss the importance of early security integration, and practical examples of secure coding practices. Be sure to catch part two of this conversation at https://aka.ms/AzEssentials/185.
Resources
• Develop secure applications on Azure https://learn.microsoft.com/azure/security/develop/secure-develop
• Practical advice for securing secrets across the SDLC https://learn.microsoft.com/devsecops/playbook/enterprise-solutions/governance-solutions/secrets-lifecycle/guidance
• Recommendations for securing a development lifecycle (WAF) https://learn.microsoft.com/azure/well-architected/security/secure-development-lifecycle
Related Episodes
• Armchair Architects: Secure Software Development Lifecycle (pt 2) https://aka.ms/AzEssentials/185
• Watch all the Armchair Architects episodes https://aka.ms/ArmchairArchitects
• Watch the Azure Essentials Show https://aka.ms/AzureEssentialsShow
Connect
• Ulrich (Uli) Homann https://www.linkedin.com/in/ulrichhomann
• Eric Charran https://www.linkedin.com/in/ericcharran
• David Blank-Edelman https://www.linkedin.com/in/dnblankedelman
Chapters
0:00 Introduction
1:13 Eric defines Shift Left
2:21 Secure by design
3:04 The Internet changed everything
4:27 Static Application Security Testing
6:23 Dynamic Application Security Testing
7:13 Examples
8:17 SAST methods
8:46 DAST methods
10:21 What’s in part 2 Read More Microsoft Developer
