Explore key insights on integrating security testing into agile development processes in this 45-minute conference talk from AppSecEU 2015 in Amsterdam. Learn from David Vaartjes' experiences as he shares lessons learned, discusses the pros and cons of agile methodologies, and presents practical approaches to security testing. Discover strategies for knowledge sharing, achieving efficient security practices, and leveraging automation in quality assurance. Gain valuable perspectives on balancing the pursuit of perfect security with realistic development goals, and understand how security testers can effectively contribute to agile teams.
Overview
Syllabus
Intro
Agenda
Davids background
Learning Agile
Good and Bad
Security Findings
Practical Approach
Shared Knowledge
Perfect Security Dream
Security testers
Code refueling
Be efficient
Automation
QA
Taught by
OWASP Foundation
Related Courses
-
The Software Security Testing Lifecycle - A Framework for Effective Security Testing
-
Agile and Security - Oil and Water
-
Application Security in an Agile SDLC
-
IAST Deep Dive - Understanding Interactive Application Security Testing
-
Bringing Security Testing to Development: Enabling Developers as Security Experts
-
Integrating Security in Agile Projects - AppSec EU 2017
