Armchair Architects: Secure Software Development Lifecycle (pt 1)

The secure software development cycle (SDLC) emphasizes integrating security at every stage of development, rather than as an afterthought. In this episode of the Armchair Architects (part of the Azure Essentials Show), our trio of architects discuss key points of SDLC, including the concept of shift left, secure by design, training and tools, and AI assistance. In this video, you’ll also hear them discuss the importance of early security integration, and practical examples of secure coding practices. Be sure to catch part two of this conversation at aka.ms/AzEssentials/185.

Resources
• Develop secure applications on Azure learn.microsoft.com/azure/security/develop/secure-…
• Practical advice for securing secrets across the SDLC learn.microsoft.com/devsecops/playbook/enterprise-…
• Recommendations for securing a development lifecycle (WAF) learn.microsoft.com/azure/well-architected/securit…

Related Episodes
• Armchair Architects: Secure Software Development Lifecycle (pt 2) aka.ms/AzEssentials/185
• Watch all the Armchair Architects episodes aka.ms/ArmchairArchitects
• Watch the Azure Essentials Show aka.ms/AzureEssentialsShow


Connect
• Ulrich (Uli) Homann www.linkedin.com/in/ulrichhomann
• Eric Charran www.linkedin.com/in/ericcharran
• David Blank-Edelman www.linkedin.com/in/dnblankedelman

Chapters
0:00 Introduction
1:13 Eric defines Shift Left
2:21 Secure by design
3:04 The Internet changed everything
4:27 Static Application Security Testing
6:23 Dynamic Application Security Testing
7:13 Examples
8:17 SAST methods
8:46 DAST methods
10:21 What’s in part 2