Secure Software Development MindMap (1 of 2) | CISSP Domain 8

Review of the major Secure Software Development topics to guide your studies, and help you pass the CISSP exam. This MindMap review covers: 00:00 Introduction 00:34 Secure Software Development 01:07 Bake In Security 01:20 System Life Cycle (SLC) 01:41 Software Development Life Cycle (SDLC) 01:48 Plan + Management Approval 01:58 Requirements 02:15 Architecture & Design 02:25 Development 02:37 Waterfall 02:51 Cannot go back 03:11 Agile 03:18 Sprints 03:38 Scrum Master 04:01 DevOps 04:11 Combine Dev, QA & Ops 04:29 SecDevOps 05:03 Testing 05:24 Canary 05:41 Certification 06:11 Deployment 06:18 Accreditation 07:58 Operation 08:07 Disposal 08:37 Maturity Models 09:37 APIs 10:03 REST 10:10 SOAP 10:19 Obfuscation 10:41 Lexical, Data, Control flow 11:16 Acquire Software 11:33 Assess vendors 11:43 Contracts, / SLAs 11:53 Software Security Weaknesses & Vulnerabilities 12:02 Buffer Overflows 12:53 SQL Injection 13:35 XSS / CSRF 14:27 Covert Channels 14:41 Backdoors / Trapdoors 15:00 Memory / Object Reuse 15:35 TOCTOU 16:04 Citizen Developers 16:25 Secure Programming 16:29 Input Validation 17:02 Session Management 17:30 Polyinstantation 17:47 Maintain Software 17:53 SCM 17:59 SOAR 18:15 Outro For a full list of all the MindMaps and to download them in PDF and Audio format, visit: https://destcert.com/cissp-mindmaps/ Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!