Agile Security Testing - Lessons Learned

Explore key insights on integrating security testing into agile development processes in this 45-minute conference talk from AppSecEU 2015 in Amsterdam. Learn from David Vaartjes' experiences as he shares lessons learned, discusses the pros and cons of agile methodologies, and presents practical approaches to security testing. Discover strategies for knowledge sharing, achieving efficient security practices, and leveraging automation in quality assurance. Gain valuable perspectives on balancing the pursuit of perfect security with realistic development goals, and understand how security testers can effectively contribute to agile teams.

Intro
Agenda
Davids background
Learning Agile
Good and Bad
Security Findings
Practical Approach
Shared Knowledge
Perfect Security Dream
Security testers
Code refueling
Be efficient
Automation
QA