Simple play icon Course
Skills

How to Verify for Security Early and Often

by DevSecCon

This presentation will explore how to inject security verification in every step of the software development, how to make security assessment an integral part of developers’ software engineering practice and which OWASP projects can be leveraged.

What you'll learn

In many organizations, testing for security is done following a “scan­-then-­fix” approach. The security team runs a scanning tool or conducts a pen test, triages the results, and presents a long list of vulnerabilities to be fixed right away to the development team. This is often referred to as "the hamster wheel of pain." There is a better way. This presentation will explore how to inject security verification in every step of the software development, how to make security assessment an integral part of developers’ software engineering practice and which OWASP projects can be leveraged.

Table of contents

How to Verify for Security Early and Often
12mins

About the author

DevSecCon is the global community dedicated to DevSecOps to help implement security in the overall development process. If you’re a security enthusiast & you want to learn more about how to better secure your team, then check out our community & resources.

Ready to upskill? Get started