a proactive strategy for security management at wso2
Post on 06-Jan-2017
187 Views
Preview:
TRANSCRIPT
A Proactive Strategy for Security Management at WSO2
Tharindu EdirisingheSenior Software Engineer
WSO2 Platform Security Team
Agenda
● How security is integrated into the software development life cycle of WSO2
● Security integration in the automated software build processes
● The mandatory security checks performed before releasing products
● The security vulnerability reporting process of WSO2
● How the WSO2 security team collaborates with other parties
● The security patch release strategy
● How you can become a contributor
Security in Software Development Life Cycle
Team Collaboration and Governance
Security in 3rd Party Dependencies
Security in 3rd Party Dependencies Contd.
Security Best Practices in Development Phase
Security in Testing Phase
Automated Security Scans in Build Process
Security Checks Before Releasing Products
Security Patch Release Strategy
Monthly Security Bulletin - Customer Announcement
Security Advisory - Example
Security Advisory - Example
contd.
Security Patch Release - Public Announcement
http://wso2.com/security-patch-releases/
Security Advisories -
Public
https://docs.wso2.com/display/Security/Security+Advisories
Acknowledgements
https://docs.wso2.com/display/Security/Acknowledgments
Awareness on Security
How you can contribute ?
Questions?
Thank You!
top related