Putting Application Security into Agile Development
Application Security is a critical part of software development that isn’t well represented in many agile projects. This talk will explain how to factor application security into short feedback cycles so that teams aren’t overwhelmed by application security issues or practices at any one time.
One of the challenges we have in using Application Security practices is where to start, how to get value. The world is being driven more and more by network-connected applications and services that are constantly under attack from the curious and malicious. What should you do If you aren’t involved with AppSec and still want to get started using AppSec practices? By adding steps to your daily practices and build a pipeline, you can iteratively add AppSec practices to your process and increase the security of your software. Join Tom as he lays out a plan for AppSec: where to start, how to achieve success, and build on it. We will also talk about what to do next, how you should introduce AppSec in your development process, and where AppSec should go in your build pipeline. Finally, we will discuss what can be accomplished with tools and what still needs to be done by a person.