10 Steps to Agile Development without Compromising Enterprise Security

OWASP Foundation via YouTube

Overview

Explore a comprehensive case study on integrating agile development practices with enterprise security in this 50-minute conference talk. Learn how to implement 10 steps for maintaining robust security measures without compromising the speed and efficiency of agile methodologies. Discover strategies for reducing friction, risk, and costs associated with late-stage vulnerability detection in production environments. Gain insights from LivePerson's successful implementation of in-depth security coverage across multiple SCRUM teams and large-scale codebases. Examine the tailored Secure Software Development Lifecycle (SSDLC) approach, including security controls for each phase of the SCRUM process, from high-level design to penetration testing. Delve into practical tips, measurable success factors, and specific tools and technologies used in the implementation, such as ESAPI, static code analysis, and vulnerability scanning plugins.

Syllabus

Introduction
Security Development Lifecycle in Agile
About me
What is LivePerson
Discovery Phase
Sprint Backlog
Checkpoints
Security High Level Design
The Work
Code
Validation
Why Validation
Example
Unit Test
Summary
Checkin
User Experience
Benefits
Summarize
Treat your RD organization well
Feed this program
QA

Taught by

OWASP Foundation
