209: Secure Development Lifecycle with Glenn Leifheit

In this episode, Donn talks with Glenn Leifheit from Microsoft about a concept known as "Secure Development Lifecycle". Glenn is a Senior Security Program Manager at Microsoft.

Glenn explains to you what the secure development lifecycle is, how it works and how you can implement something like this in your company. He also shares the top tips you can implement in order to get the quickest benefit of the Secure Development Lifecycle

Links from the show

• Application Inspector:  GitHub
• DevSkim:  GitHub
• Attack Surface Analyzer:  GitHub
• OSS Gadget:  GitHub
• Recursive Extractor:  GitHub
• Microsoft SDL: Microsoft Security Development Lifecycle
• CodeQL: CodeQL for research | GitHub Security Lab
• OWASP:  OWASP Foundation | Open Source Foundation for Application Security
• OWASP Top 10: OWASP Top Ten Web Application Security Risks | OWASP
• OWASP Web Security Testing Guide: OWASP Web Security Testing Guide
• Python basic code analysis:  Pylint - code analysis for Python | www.pylint.org
• TypeScript basic code analysis: GitHub - typescript-eslint/typescript-eslint: Monorepo for all the tooling which enables ESLint to support TypeScript

Find Glenn online here

• Glenn's LinkedIn
• Glenn's Twitter

Donn's Free E-Book on Freelancing

• Free E-Book on Freelancing Rates

Contact

• @fragmentedcast or our Youtube channel
• @donnfelker and donnfelker (on Instagram)
• Freelancing for Mobile Developers (Donn's YouTube)
• kaushikgopal (on YouTube) or blog.kaush.co or @kaushikgopal

Disclaimer: Many of the links we share to products are affiliate links. They help support the production of Fragmented. Thank you for your support.

Episode source