The repository brings together the outputs of the SECDES project: practical presentations, whitepapers, starter kits and external articles. If you want recordings of past webinars, you can find them on the media page.
A concise presentation on how AI-assisted development can introduce insecure code, risky dependencies and unsafe workflows, and what teams need to do to keep secure software practices intact.
Download PDFA whitepaper exploring several threat modeling approaches and the trade-offs that matter when smaller teams need an approach that is both lightweight and useful.
Download whitepaperA whitepaper on software supply-chain visibility, SBOM benefits, adoption challenges and practical guidance for stronger dependency governance.
Download whitepaperA starter kit for teams that want practical assets for running threat modeling activities and building a stronger security mindset.
Download ZIPExternal articles and explainers that expand on secure software development, SecDevOps, API security and maturity models.
A Dutch article explaining why secure coding practices need to be embedded early in development rather than added as a late-stage correction.
Read onlineA Dutch introduction to OWASP SAMM as a practical model for assessing and improving software security maturity.
Read onlineA Dutch article comparing DevOpsSec, DevSecOps and SecDevOps approaches and the trade-offs between them.
Read onlineA Dutch article on treating security as a foundational design concern rather than a late addition to the delivery pipeline.
Read onlineA Dutch article on common organizational and tooling challenges that arise when teams adopt SecDevOps practices.
Read onlineA Dutch article explaining why API security deserves focused attention in modern application portfolios.
Read onlineA Dutch article describing how to create a structured API security plan that fits broader secure software practices.
Read onlineA Dutch article with practical technical measures such as access control, validation, encrypted communication and testing for API security.
Read onlineSlide decks, whitepapers, workshop materials and practical resources produced during the project.
An introduction to the SECDES project and the case for integrating security into architecture, testing and governance practices from the start.
Download PDFA presentation explaining the role of threat modeling in the secure software development lifecycle and why it matters for SaaS teams.
Download PDFA deck on how product leaders can help integrate security concerns earlier by understanding customer risk, value and delivery trade-offs.
View on SlideShareA practical deck covering current OAuth security recommendations and the direction of the standard.
Download PDFA presentation on weaving static analysis, dynamic testing and scanning into delivery pipelines so security checks become repeatable and useful.
Download PDFA deck connecting supply-chain incidents, new regulations and the role of SBOMs in improving visibility and governance.
Download PDFA presentation comparing what threat modeling tools can help with in practice and how to evaluate them as a smaller team.
Download PDFA presentation introducing SPARTA and explaining how risk-driven threat assessment can support reuse and prioritization in security architecture work.
Download PDFA presentation on using OpenAPI specifications for security review, testing, automation and runtime support.
Download PDFA practical introduction to the OWASP SAMM framework and how it can guide targeted security improvement work.
Download PDF