by Achim D. Brucker
It is commonly accepted that security testing should be applied as early as possible in the software development life-cycle. This requires selecting application security testing tools that are easy for developers to use and, thus, developers should participate in the selection and roll-out of such tools. In this talk, I will provide an overview of what one can expect from (commercial) application security testing tools and report on my experience of introducing them in a large development organisation (over 25000 developers) that uses a wide range of development methodologies, ranging from smaller teams with multiple shipments per day to large organisations following a traditional model with quarterly or yearly releases.
Please cite this article as follows:
Achim D. Brucker.
Introducing Security Testing to Developers: Experiences and Lessons Learned. Checkmarx Security Conference, 1. dec. 2017.
author = {Achim D. Brucker},
day = {1},
event = {Checkmarx Security Conference},
handout = {https://www.brucker.ch/bibliography/download/2017/talk-brucker-cx-security-testing-2017-2x2.pdf},
isodate = {2017-12-01},
lecturer = {Achim D. Brucker},
location = {Tokyo, Japan},
month = {dec},
slides = {https://www.brucker.ch/bibliography/download/2017/talk-brucker-cx-security-testing-2017.pdf},
title = {Introducing Security Testing to Developers: Experiences and Lessons Learned},
url = {https://www.brucker.ch/bibliography/abstract/talk-brucker.ea-cx-security-testing-2017},
year = {2017},