Friday, May 22 • 15:45 - 16:30
Agile Security Testing - Lessons Learned

Sign up or log in to save this to your schedule and see who's attending!

Agile, a blessing for software security?

Agile is challenging the world of security testers.

 Is Agile a threat for software security or a blessing? Can Agile and
 security be friends?

 The days are long gone where pentesters can launch their multi week
 pentest ceremony as soon as the final build is delivered and test
 environments are finally up and running.

 The world is shifting to Agile. And simply put, in Agile there is no
 time for such release based testing. Let alone rework. In a perfect
 world, we want to ship the code right after the sprint!

 Security teams that try to stick to the old way of testing can't keep up
 anymore. Dev teams release once every three weeks now, instead of once
 every number of months like before. How to get security sign-off for
 them all?

 In this talk I like to share my experiences and lessons learned while
 working with various Agile teams on getting security testing integrated.
 With a challenging goal: not blocking and cost efficient! We think we
 are on the right track!

avatar for David Vaartjes

David Vaartjes

David is Co-Founder of Securify. With over ten years of experience in software security, David specializes in security code reviews on mobile and web applications. He is a true enthusiast of the Build Security In approach. Getting the right activities in place to catch... Read More →

Friday May 22, 2015 15:45 - 16:30
E104&105 Amsterdam RAI

Attendees (0)