Overview
Discover how to implement a sustainable security requirements process using the OWASP Application Security Verification Standard (ASVS) in this informative conference talk. Learn about shifting security considerations earlier in the development lifecycle, specifically during the business requirements gathering phase. Explore strategies for gaining buy-in for security initiatives, balancing trade-offs, prioritizing security requirements, and tailoring the ASVS to your organization's specific context. Gain insights on making the security process repeatable and maintaining an overview of your security state. Leave with a deeper understanding of the ASVS and practical ideas for integrating it into your organization's requirements process, ultimately enhancing your software security from the earliest stages of development.
Syllabus
Building a sustainable security requirements process with the ASVS - Josh Grossman - NDC Security
Taught by
NDC Conferences