How to Address Security Vulnerabilities in the Development Lifecycle - GovLoop Academy

Free online learning for government employees.

How to Address Security Vulnerabilities in the Development Lifecycle

Modern methodologies have accelerated the process of software development, but often at the cost of security. In fact, a recent study found that 90% of security incidents result from software defects.

In this course, you’ll learn how your public sector agency can reduce the time and effort needed to incorporate security into the development process - and in the process avoid having to do costly remediation after the fact.

This course was created in partnership with Checkmarx and DLT Solutions. Learn more here: https://www.dlt.com/government-products/checkmarx

Download

Related Videos

As agencies embark on their journey to zero trust, they'll find no lack of tools to help them on their way. The problem is that...

Deploying Zero Trust Network Access to Drive Improved Cybersecurity

Next-Level Network Security: How to Detect Hidden Threats

Yes, a zero trust-based approach to cybersecurity is complicated. And yes, you need to understand what it is and why it's impor...

Why Zero Trust? Why Now?

Trying to figure out what exactly is in your cloud environment can be a bit like trying to get through a maze while blindfolded...

Best Practices for Hardening Cloud Security

There's no getting around it: Malicious cyber actors see state and local agencies as prime targets -- both because they manage ...

All Aboard! 6 Stops on the Journey to Better Security

No one likes to think about it, but every time an employee uses a mobile device to access an agency's network, they might be op...

5 Steps for Stopping Mobile Threats Before Damage Is Done

Today's network operations no longer follow the old rules where everything that was enclosed within the network boundaries was ...

Embracing the Zero Trust Framework

It's not easy to hear, but every employee -- yes, every one of us -- is a potential weak link in our organization's cyber defen...

How to Spot and Handle a Phishing Attempt

A mobile device can be a convenient and necessary communications tool as well as a missile heading for your critical data. Find...

Enabling Zero Trust for Your Mobile Devices

The adoption of hybrid cloud is becoming the norm for government IT operations. Unfortunately, ransomware and other cyber threa...

Your Playbook for Protecting Against Cyberattacks

If you're nervous about moving mission-critical apps to the public cloud, you're not alone. And if your on-premises operations ...

How One Agency Transformed Vital Operations Without Losing Its Mind

The idea of a hybrid cloud environment, integrating cloud and on-premises systems, looks great on paper but often seems dauntin...

Removing Roadblocks to a Hybrid Cloud Deployment

This video, developed in collaboration with Cloudera, will address the challenges of managing security data in a large agency a...

How Threat Hunters Use Data Analytics to Shut Down Attackers

When measuring total cost of ownership on a Windows-to-cloud migration, there’s more to consider than just price. This video, c...

How to Build a Better Cloud Migration Strategy

State and local agencies are common targets for ransomware, making their cloud computing environments increasingly vulnerable t...

3 Steps for Surviving Ransomware

Web application security is too frequently handled by external controls and legacy tools not designed for securing more modern ...

Timing Is Everything for Web Application Security

It's critically important for agencies to not only continually provide services in the face of unplanned emergencies, but to op...

Building Resilience Into Your Agency

Containerization is rapidly changing how agencies develop software, providing a way to build applications that can move easily ...

Containerization: Don’t Get Blindsided by Hidden Security Threats

In cybersecurity, do more solutions make for a merrier defense? Not necessarily. Too many tools can actually lead to infighting...

How to Unlock the Hidden Value of Your Cyber Defenses

There’s good reason why ransomware and other types of malware continue to plague organizations: Cybercriminals keep coming up w...

How to Strengthen Cybersecurity (Beyond Buying New Tools)

With cyberattacks, the last thing you want is one that spreads. But working with a variety of viruses and techniques, cyberatta...

The Need for Speed in Detecting and Responding to Cyberthreats

Many common cyber defenses, like Intrusion Prevention Systems and Web Application Firewalls, have problems when it comes to app...

Embedding RASP for Application and Data Security

The golden rule of security is to always be prepared. And when it comes to protecting critical cloud-based data, old tactics ju...

Cloud Security: Defending a Pillar of IT Modernization

In this course, you’ll learn how productivity and security go hand in hand in the remote environment. You’ll hear five best pra...

5 Strategies to Enhance Security for Productivity While Remote

If you haven’t heard of ransomware yet, you will. Ransomware is more than just malicious software – it’s a dangerous cyberthrea...

Federal Ransomware: A Rising Threat

The Continuous Diagnostics and Mitigation, managed by the Department of Homeland Security, is the cornerstone of the federal go...

Manage Cybersecurity Threats with the CDM Dashboard Ecosystem

By taking this course, you will be enrolled in five lessons about DDoS attacks and how to prevent them. We will explore what DD...

Introduction to DDoS Attacks

Information security may very well be the defining challenge of this era of government. How will government meet security deman...

Cybersecurity Crash Course

In this six-lesson course, we’ll examine the components of an effective security strategy that addresses all necessary systems....

How to Build Connected Security

The accelerated pace of modernization and innovation in the government IT enterprise has produced a wealth of new capabilities ...

Managing Risk in Today's Digital World