adporn.net Implementing security controls - ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep Video Tutorial | LinkedIn Learning, formerly Lynda.com

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock the full course today

Join today to access over 24,600 courses taught by industry experts.

Implementing security controls

Implementing security controls

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

Implementing security controls

“

- [Instructor] Application security controls can exist within the development process as well as outside of the application itself. More to the point, you should implement security controls on the application's host systems if you want the application running on those hosts to be secure. To do this, you can tap into your threat models and your risk assessments for guidance. During your threat modeling exercises, you identified potential threats that represent credible risks to your applications. And when you conducted your risk assessments, you identified those controls that you might implement to manage those risks. By filtering on risks associated with the host, you're likely to see a few recommended controls popping up again and again. There's a good chance that antimalware made it on your list of recommended controls. Antimalware solutions have been around since the 1980s, although the antimalware industry really didn't take off until the '90s. The goal of this software is to look…

Contents