From the course: Static Application Security Testing

A4: Insecure design

- [Instructor] The fourth set of risks in the OWASP Top 10 list are insecure design flaws. Some years back, the US Cybersecurity and Infrastructure Security Agency, better known as CISA, provided resources to help software developers, architects, and security professionals build security into software from day one. While that part of their website has been archived, those principles are still critical. While all the Top 10 risks are intended to drive security conversations early on in the development lifecycle, this particular risk is intended to pull those conversations even earlier, before the developers write a single line of code. For many organizations, conversations around insecure design risks may require a culture shift. It's one thing to scan for and fix vulnerabilities related to the other Top 10 risks, but asking the devs to design apps with security at the forefront is a heavier lift. These risks can creep…