PPT-Continuous and Visible Security Testing

Stephen de Vries stephendv w ith BDDSecurity About me CTO Continuum Security 16 years in security Specialised in application security Author of BDDSecurity framework Security testing still stuck in a waterfall world. Jeffrey . knapp. 8/6/14. Introduction. Why is it valuable. How to achieve. What to consider. Why? - Value. To the end client. Rapid delivery, less time from idea to production. To the company. Less software inventory. testin. g. tools . for web-based system. CS577b Individual Research. Shi-. Xuan. . Zeng. 04/23/2012. 1. Outline. Introduce security testing. Web . application/system . security testing. Web application/system security risks. BUILDING APPSEC ALL ALONG . THE WEB APPLICATION LIFECYCLE. Mikael Le Gall. Security Sales Engineer EMEA, Rapid7. Application Security Testing, Application Development, Vulnerability Management, Incident Detection & Response. Lianping Chen. lianping.chen@outlook.com. @. lianpingchen. The . presentation represents only my own views and doesn’t necessarily reflect those of my employer.. Build. Test. Run. Design. Threat Modeling. Continuous Delivery (CI/CD) Tool Chain. Who is this dude. Started life as a sysadmin of 5000 servers (physicals). Used programming to aid in managing those servers . Started the path of application delivery . About Me. #. whoami. Davide. . Cioccia. Security Engineer @ ING Bank NL. Italian leaving in the NL . 7 years security experience. Security magazines and OWASP MSTG contributor. Focus. :. Mobile application security . from C&As to . Continuous . Monitoring. Andrew . Patchan. . JD, . CISA. Associate . IG for IT, . FRB . Louis . c. King. , CPA, CISA, CMA, CFM, . CGFM. Assistant . IG for Financial & IT . Audits, DOT. . Integration. in Agile . environment. What is continuous integration ?. “Continuous Integration is a software development practice where members of a team integrate their work frequently, usually each person integrates at least daily - leading to multiple integrations per day. Each integration is verified by an automated build (including test) to detect integration errors as quickly as possible. Many teams find that this approach leads to significantly reduced integration problems and allows a team to develop cohesive software more rapidly.” Martin Fowler. Presented by:. Alistair Garrison. Director of Accessibility Research. CSUN 2018 Assistive. Technology Conference. March 21, 2018. Introduction. Alistair Garrison. Director of Accessibility Research. 17 years experience - auditing websites, and developing support tools.. About Me. My name is Michael Haselhurst.. I work for Sage as a Test Analyst.. This is the first OWASP meeting I’ve attended, so it’s a bit scary to be standing at the front when I should be hiding at the back of the room.. Bhanu. . Prakash. . Meher. . Regulagedda. - . Software engineer. Rupa. Reddy . Kothapalli. - . Software engineer. Capgemini. 2. Abstract. Big Data handles huge amount of data for analytics and industry has seen many security breaches regarding data recently. Presently the big data testing could be broadly divided into 3 steps:. Adam . Guida. Introduction. Adam . Guida. Senior QA Automation Developer. Work History: . 2011. – . Present: . Deutsche Bank Global Technologies . Cary, NC. 2006-2011. : . lulu.com - Raleigh, NC. Report tegus in the wild in Georgia! Note the location, take a photo and report the sighting online ( www.gainvasives.org/tegus ), by phone (478-994-1438) or by email ( gainvasives@dnr.ga.gov ). Lea OWASP MSTG and Calabash About Me • #whoami • Davide Cioccia • Security Engineer @ ING Bank NL • Italian leaving in the NL • +7 years security experience • Security magazines and OWASP MST