Cybersecurity Peer Group | Secure Software Development Practices at Sandia National Laboratories
September 10 @ 3:00 pm - 4:00 pm
Sandia National Laboratories (SNL)’s Data and Software Security team is strengthening the security posture of SNL’s software development practices through our Software Assurance Integrated Lifecycle (SAIL™). We are leading change by moving security earlier in the development process and providing a comprehensive approach that integrates and automates security through the development lifecycle. The approach addresses everything from training to testing and scanning, with the understanding that education and tools must be leveraged for security. SNL wishes to share this approach with the broader community to both educate those that may be more nascent in their journey and to gain feedback on our approach. By following these steps, regardless of the programming methodology or framework being used, SNL believes that the security of software applications can be improved, reducing both the risk and cost to the organization than if vulnerabilities are found after the product has deployed.
About the speaker:
Angela (Ang) Rivas is a Cyber Assurance Architect empowering software development teams at Sandia National Laboratories to integrate security activities such as awareness training and threat modeling into the software development lifecycle. Angela is the functional lead for cyber/software security awareness and training and contributes to the research, design and development of solutions for secure software development, including architecture review, software composition analysis, and code review. Outside of Sandia, she is passionate about giving back to the community and to encouraging STEAM exploration and activities. Ang is a 2020 Hispanic Engineer National Achievement Awards Corporation (HENAAC) Luminary Honoree and a member of the Leadership ABQ 2020 Cohort. She is a strong advocate for building secure software, from the start.