Security Testing

Concurrent Sessions

T17 Better Security Testing: Using the Cloud and Continuous Delivery

Gene Gotimer, Coveros, Inc.

Thu, 05/02/2013 - 1:30pm

Even though many organizations claim that security is a priority, that claim doesn’t always translate into supporting security initiatives in software development or test. Security code reviews often are overlooked or avoided, and when development schedules fall behind, security testing may be dropped to help the team “catch up.” Everyone wants more secure development; they just don’t want to spend time or money to get it. Gene Gotimer describes his experiences with implementing a continuous delivery process in the cloud and how he integrated security testing into that process.

T23 HTML5 Security Testing at Spotify

Alexander Andelkovic, Spotify

Thu, 05/02/2013 - 3:00pm

HTML5 is one of the hottest technologies around right now because HTML5 apps are beautiful, engaging, and can perform important and entertaining functions. With the wide range of devices and platforms to support, the promise of multi-platform support is appealing. But HTML5 apps present their own range of security issues. So, what do you do about security? How do you test HTML5 applications to ensure their security? Alexander Andelkovic works at Spotify where their streaming music player desktop client applications are all HTML5-based.