How to Verify for Security Early and Often
Offered By: Pluralsight
Course Description
Overview
This presentation will explore how to inject security verification in every step of the software development, how to make security assessment an integral part of developers’ software engineering practice and which OWASP projects can be leveraged.
In many organizations, testing for security is done following a “scan-then-fix” approach. The security team runs a scanning tool or conducts a pen test, triages the results, and presents a long list of vulnerabilities to be fixed right away to the development team. This is often referred to as "the hamster wheel of pain." There is a better way. This presentation will explore how to inject security verification in every step of the software development, how to make security assessment an integral part of developers’ software engineering practice and which OWASP projects can be leveraged.
In many organizations, testing for security is done following a “scan-then-fix” approach. The security team runs a scanning tool or conducts a pen test, triages the results, and presents a long list of vulnerabilities to be fixed right away to the development team. This is often referred to as "the hamster wheel of pain." There is a better way. This presentation will explore how to inject security verification in every step of the software development, how to make security assessment an integral part of developers’ software engineering practice and which OWASP projects can be leveraged.
Taught by
DevSecCon
Related Courses
Software as a ServiceUniversity of California, Berkeley via Coursera Software Testing
University of Utah via Udacity The Hardware/Software Interface
University of Washington via Coursera Software Debugging
Saarland University via Udacity Introduction to Systematic Program Design - Part 1
The University of British Columbia via Coursera