Building a Modern Security Engineering Organization
Attack-driven defense
Effective approaches to web application security
How to adapt the SDLC to the era of DevSecOps