YoVDO

OWASP Standard Classification - Achieving Security by Shifting Left in Agile

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Penetration Testing Courses Risk Assessment Courses Web Application Development Courses Application Security Courses Software Development Life Cycle Courses Security Testing Courses

Course Description

Overview

Explore a comprehensive approach to integrating application security into Agile software development in this 27-minute OWASP Foundation talk by Bhushan B Gupta. Learn how to create security-related personas, develop stories with acceptance criteria, prioritize threats using the STRIDE method, and implement security measures throughout the software development life cycle. Discover techniques for shifting security left, including code review, static and dynamic code analysis, and penetration testing. Gain insights on building secure web applications, creating effective test plans, and utilizing tools to achieve high-confidence security. Understand the importance of balancing security with other development priorities and conducting risk assessments to create more robust and secure applications.

Syllabus

Intro
About me
Objectives
Security breaches
Cost of fixing vulnerabilities
Penetration testing
Bring in security elements into your life cycle
Defining stories
Modeling
Design Encoding Principles
Testing Strategy
Code Reviews
Putting it all together
Balancing Act
Risk Assessment


Taught by

OWASP Foundation

Related Courses

Web and Mobile Testing with Selenium
University of Minnesota via Coursera
DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX
Programming Foundations: Software Testing/QA
LinkedIn Learning
Security Assessment and Testing for CISSP®

Pluralsight
EU Panel: The Joys of Integrating Security Testing into Your Pipeline
Pluralsight