Abstract: As more and more security-critical software applications are developed, tested, and delivered using agile, incorporating software security practices into an agile testing process becomes essential. This talk focuses on how to successfully incorporate security testing into all aspects of agile testing: development of security acceptance criteria & security stories, unit & component level security testing, security testing of user stories, and integration of security testing approaches into subsystem, integration, system, and regression testing activities. Practical lessons learned from integration security testing (both manual and automated approaches) into real-world agile projects will be discussed. Tools and automated techniques to support security testing within an agile environment are presented and demonstrated. Tips for getting started with security testing are discussed as well.
Learning Outcomes: - How to get started integrating security into agile testing activities.
- What some of the most important security testing activities are.
- Where software developers and agile testers should focus their security testing efforts.
Attachments:
