Any recommendations for secure software development training courses? What worked best for your team?

2.9k views3 Comments

Sort by:

Senior Information Security Manager in Software2 years ago

SANS course SEC522 is a good place to start.

https://www.sans.org/cyber-security-courses/application-security-securing-web-apps-api-microservices/

CISO in Software2 years ago

I like Secure Code Warrior quite a bit for training developers of security development skills, awareness and especially for refreshers annually

Head of Corporate Development in Government2 years ago

DAU AGILE SOFTWARE AND DEVSECOPS TRAINING - https://www.dau.edu/blogs/dau-agile-software-and-devsecops-training

Content you might like

Agree or disagree: it’s harder to retain junior developers than any other position on the software team.

Agree — we lose junior developers more than any other staff role59%

Disagree — it’s much harder to keep people in other roles39%

Undecided — it varies too much to say3%

View Results

Are short term bans of the use of GenAI applications and tools (such as ChatGPT) a good idea for end users in most organizations? For context see this article on the State of Maine Government's directive before you vote: https://www.govtech.com/artificial-intelligence/chatgpt-generative-ai-gets-6-month-ban-in-maine-government

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.28%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.46%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.20%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).4%

View Results

What is the most interesting/helpful/unique tool you're using right now that no one is talking about?

Digital transformation isn’t just about new tools, it’s about changing how teams work. Key lessons I’ve observed: 1. Start with process bottlenecks, not technology 2. Empower cross-functional teams 3. Measure outcomes, not outputs What has been the most surprising lesson your teams have learned during a transformation?

Any recommendations for secure software development training courses? What worked best for your team?

Sort by:

Content you might like

Agree or disagree: it’s harder to retain junior developers than any other position on the software team.

What is the most interesting/helpful/unique tool you're using right now that no one is talking about?

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

2024 Software Engineering Priorities and Challenges

Improving Software Developer Experience

Current State of Software Developer Experience

Emerging Software Security Risks: How Are Tech Leaders Preparing for 2024?

Take Your Insights On-the-Go