The Security Testing Pyramid for Developers
Most of you are probably familiar with Mike Cohn's test pyramid and already practice test-driven development in your projects.
But does your test pyramid also include application security checks?
Continuous application security is becoming increasingly important, especially in the context of agile development with continuous delivery. The pattern of penetration testing before going live, which is still practiced today, no longer works. Instead, security must be verified continuously, again for each increment.
In this presentation, we will look at the entire test pyramid from the security perspective. We will see how to improve the security level of applications by adding effective security tests at each level of the pyramid. This makes it possible to cover a significant portion of the OWASP Top 10 security categories with automated tests. This is illustrated by live demos showing tests for authentication, authorization, input validation, and SQL injection, among others.
About the Speaker:
*********************
Andreas Falk works for Novatec Consulting, located in Stuttgart, Germany. There, he has been working on various projects as an architect, coach, or developer. His focus is on the agile development of cloud-native Java applications. As a member of OWASP and the OpenID Foundation, he also likes to deal with all aspects of application security.
This video was added by user SBA Research on 06 June 2021.