Overview
Explore a comprehensive case study on integrating agile development practices with enterprise security in this 50-minute conference talk. Learn how to implement 10 steps for maintaining robust security measures without compromising the speed and efficiency of agile methodologies. Discover strategies for reducing friction, risk, and costs associated with late-stage vulnerability detection in production environments. Gain insights from LivePerson's successful implementation of in-depth security coverage across multiple SCRUM teams and large-scale codebases. Examine the tailored Secure Software Development Lifecycle (SSDLC) approach, including security controls for each phase of the SCRUM process, from high-level design to penetration testing. Delve into practical tips, measurable success factors, and specific tools and technologies used in the implementation, such as ESAPI, static code analysis, and vulnerability scanning plugins.
Syllabus
Introduction
Security Development Lifecycle in Agile
About me
What is LivePerson
Discovery Phase
Sprint Backlog
Checkpoints
Security High Level Design
The Work
Code
Validation
Why Validation
Example
Unit Test
Summary
Checkin
User Experience
Benefits
Summarize
Treat your RD organization well
Feed this program
QA
Taught by
OWASP Foundation