Continuous Application Security Testing
Because of its specialized nature, many aspects of application security testing are often assigned to testers from another team or another company, and they may be brought in to perform a point-in-time assessment prior to a release. Your team is interested in implementing continuous deployment, and automation seems like the obvious answer. But when attempting to automate your security tests, you may run into a wide variety of challenges beyond simply adding a tool into your build system. Josh Gibbs will discuss how to choose what to test, how to avoid slow tests, how to keep compliance people happy, and how to best coordinate testing among distributed teams. You will learn to navigate potential roadblocks when it comes to your application security testing and be prepared to overcome them.