From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Identifying risks

- [Instructor] One of your responsibilities as a CSSLP will be to identify risks throughout the entire lifecycle of the applications in your portfolio. The good news is that you can begin searching for these risks as soon as the developers begin writing code. Ideally, you'll enable your developers to put the concept of secure code reuse into practice. By identifying potential security risks and helping the developers understand how to address those risks, you can ensure that code meets the organization's security requirements before that code ends up in a new application.

In order to do this, you'll want to formalize your application security testing processes. Generally speaking, there are three unique ways you can approach this: through static application security testing, dynamic application security testing, and interactive application security testing. Let's take a closer look at each approach.

Static application security testing involves checking the code for risks without…
