Overview
Explore a comprehensive approach to handling security requirements throughout the software development lifecycle in this AppSecUSA 2017 conference talk. Gain insights into managing security risks across diverse technologies and methodologies in large companies. Learn about SecurityRAT, a tool developed to support and accelerate the process of addressing security requirements. Discover how to generate relevant security requirements based on software properties, automate their handling, and integrate with issue trackers. Delve into ongoing developments, including system integration, automated testing, and reporting. Benefit from the expertise of Daniel Kefer, Head of Application Security at 1&1 Mail & Media Development & Technology GmbH, and Rene Reuter, IT Security Consultant at Robert Bosch GmbH, as they share their experiences in proactive security efforts and working closely with developers.
Syllabus
Intro
The fast pace
Security documentation
Security in HR development
Outsourcing development
Solution
Requirement Automation Tool
SecurityRAT Overview
Adding Parameters
Looking in the Database
Persistence
Artifact
Ticket Status
Create Slides
Browse Requirements
Export Requirements
Update Requirements
Accept or Decline
Security Cat
Code Block
Machine readable requirements
What we are currently doing
Alternative Instance
SecurityCat
Import Requirement Sets
Taught by
OWASP Foundation