Overview
Syllabus
Intro
Thought Experiment
Software Assurance Maturity Model
Building Security in Maturity Model
Application Security Touchpoints
Web Application Vulnerability Management Program
Web Application Vulnerability Management Framework
GOAL - Identify & Reduce Risk
Preparation
Dynamic Application Security Testing (DAST)
Building your Inventory. Reconnaissance
Enrollment Process
Remediation Process
Not Infrastructure Vulnerability Management Not a cookie cutter patch
Common Mistakes
Metrics
Web App VM On the Cheap Dynamic Application Security Testing EDAST Tools