Review of the major Secure Software Development topics to guide your studies, and help you pass the CISSP exam.
This MindMap review covers:
00:00 Introduction
00:34 Secure Software Development
01:07 Bake In Security
01:20 System Life Cycle (SLC)
01:41 Software Development Life Cycle (SDLC)
01:48 Plan + Management Approval
01:58 Requirements
02:15 Architecture & Design
02:25 Development
02:37 Waterfall
02:51 Cannot go back
03:11 Agile
03:18 Sprints
03:38 Scrum Master
04:01 DevOps
04:11 Combine Dev, QA & Ops
04:29 SecDevOps
05:03 Testing
05:24 Canary
05:41 Certification
06:11 Deployment
06:18 Accreditation
07:58 Operation
08:07 Disposal
08:37 Maturity Models
09:37 APIs
10:03 REST
10:10 SOAP
10:19 Obfuscation
10:41 Lexical, Data, Control flow
11:16 Acquire Software
11:33 Assess vendors
11:43 Contracts, / SLAs
11:53 Software Security Weaknesses & Vulnerabilities
12:02 Buffer Overflows
12:53 SQL Injection
13:35 XSS / CSRF
14:27 Covert Channels
14:41 Backdoors / Trapdoors
15:00 Memory / Object Reuse
15:35 TOCTOU
16:04 Citizen Developers
16:25 Secure Programming
16:29 Input Validation
17:02 Session Management
17:30 Polyinstantation
17:47 Maintain Software
17:53 SCM
17:59 SOAR
18:15 Outro
For a full list of all the MindMaps and to download them in PDF and Audio format, visit: destcert.com/cissp-mindmaps/
Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!