pdfreaders.org

How to Enable Developers to Deliver Secure Codes

by Achim D. Brucker

Security testing is an important part of any security development life-cycle (SDLC) and, thus, should be a part of any secure software development life-cycle. Still, security testing is often understood by an activity done by security testers in the time between "end of development" and "offering the product to customers".

Learning from traditional testing that the fixing of bugs is the more costly the later it is done in development, we believe that security testing should be integrated into the daily development activities.

Based on the SDLC of a large software vendor, we will present the benefits of early security testing and discuss what is necessary to achieve a ßecurity testing as development activity" approach.

Keywords:
Categories:
Documents:

QR Code for talk:brucker:developer-awareness:2017.Please cite this article as follows:
Achim D. Brucker. How to Enable Developers to Deliver Secure Codes. Checkmarx Webinar: Meet the Expert, 15. mar. 2017.
(slides) (handout) (BibTeX) (Share article on LinkedIn. Share article on CiteULike. )

BibTeX
@Talk{ talk:brucker:developer-awareness:2017,
abstract = {Security testing is an important part of any security development life-cycle (SDLC) and, thus, should be a part of any secure software development life-cycle. Still, security testing is often understood by an activity done by security testers in the time between "end of development" and "offering the product to customers".\\\\Learning from traditional testing that the fixing of bugs is the more costly the later it is done in development, we believe that security testing should be integrated into the daily development activities.\\\\Based on the SDLC of a large software vendor, we will present the benefits of early security testing and discuss what is necessary to achieve a "security testing as development activity" approach.},
author = {Achim D. Brucker},
day = {15},
event = {Checkmarx Webinar: Meet the Expert},
handout = {https://www.brucker.ch/bibliography/download/2017/talk-brucker-developer-awareness-2017-2x2.pdf},
isodate = {2015-05-21},
lecturer = {Achim D. Brucker},
month = {mar},
slides = {https://www.brucker.ch/bibliography/download/2017/talk-brucker-developer-awareness-2017.pdf},
slideshare = {key/b19VBO9NwUfeTF},
slideshare_height = {485},
slideshare_width = {595},
title = {How to Enable Developers to Deliver Secure Codes},
url = {https://www.brucker.ch/bibliography/abstract/talk-brucker-developer-awareness-2017},
video = {https://info.checkmarx.com/resources/webinars/security-testing-for-developers-on-demand},
year = {2017},
}