🤔 WHOA! Channel Value Provided
Salute,
I thought about it and looked at the activity in the channel over these couple of weeks. Here is a post about me and what I consider special, in some way, in my practice.
I created this channel in order to share the current practice of AppSec Teamlead (without water, without cuts) and the important features of the work, and their subtleties.
Now let’s look at the channel like this: essentially you get practice and things that are practically not talked about, either somehow cut down, or in a more “watch the doc” style.
I think it will be cool for you if I secure the profitable part of the content that I share without marketing fluff and of course with examples: (I will edit hashtags as I add content)
- How to implement DevSecOps and AppSec Toolchain
#appsec - product security
#devsecops - strategy and construction of secure development processes
#pmi - project management and human resources
#roadmap - a vision of how to build correctly from practice
#reco
#specialty - some cool and not so special features
#course - practical training
- Problems and features of vendor and open-source tools
#toolchain - practical significance and applicability
#research - research and description
#sast - static analysis
#dast - dynamic analysis
#bca - binary code analysis
#sca - component/dependency analysis
#sbom - golden image of components/dependencies
#containersecurity - container security
#licenses - licensing policy
#secrets - secrets management
- Practice and real working solutions, not just formal compliance with the regulator
- Mistakes that cost projects serious problems and how to avoid them
- Conducting hackathons and secure development competitions
- Project/Product Management and secure development management: how not to burn your budget and team
#riskanalys - analysis of risks and what they encountered and how they solved them
#vulnmanagement - vulnerability management
#hackathon
#pmcases - non-trivial and atypical cases
#techsolution - technical solutions
#humanres - human resource
- Regulator and GOST regulations for safe development
#compliance
#gost
- Behind-the-scenes information security is something that is not talked about openly, but everyone discusses it in a bar or at small conference calls
#backstage
#lol - meme environment
- Podcasts, conferences, articles and your own opinion - first-hand, without cuts or theory
#term - definitions
#podster
#paper
#meetup
#conf
With you, we are looking at how to build processes, strategy, resource management and ensure product safety. We look at the jambs, profits, blocks and resistance, and also how to ultimately work with it, get around it, and make it really work.
Bottom line: if you want to take a non-trivial look at AppSec and see a point of view that describes extremely unusual problems and their solutions based on real experience, you are in the right place.
My personal @geminishkv, you can always write to chat or suggest something, and don’t be shy 🙏
Caution
All information in the materials of this profile, as well as the materials included (according to the applicable wording of the current legislation of the Russian Federation), that is, any text, graphic works, is considered for informational purposes only.
Any use of the information provided through this profile and/or any text, graphic works, in practice, without obtaining prior approval for use, is subject to the current legislation of the Russian Federation.
The author is not responsible for any possible harm caused by the materials provided, as well as any text or graphic works.
Any text or graphic works, including links, are for informational purposes only and are intended to share knowledge in food safety.
#master #info