STARWEST 2019 - Security Testing | TechWell

STARWEST 2019 - Security Testing

Tuesday, October 1

Jeff Payne
Coveros
TE

Web Security Testing: The Basics and More

Add to calendar
Tuesday, October 1, 2019 - 8:30am to 12:00pm

Web applications are often security critical or serve as front-ends for security critical applications, making web testing for vulnerabilities an essential part of software testing. Unfortunately, most software testers have not been taught how to identify web security issues while testing applications. Join Jeffery Payne as he shares what you need to know to security test web-based applications as part of your overall testing process. Learn about the most common web security vulnerabilities and how they are introduced into web code and exploited by hackers. Explore test techniques for...

Wednesday, October 2

Stacy Kirk
QualityWorks Consulting Group, LLC
K1

QADevSecOps: Leading a Quality-Driven DevOps Transformation

Add to calendar
Wednesday, October 2, 2019 - 8:30am to 9:45am

Have you wondered where QA professionals fit into a DevSecOps transformation? Stacy Kirk thinks they should champion the transformation. Regardless of where your company is on its journey to DevSecOps, quality must be at the forefront for optimal effectiveness and customer value. This means promoting feedback loops that use monitoring and reporting tools effectively, and most importantly, it means creating a culture of collaborative communication and continuous improvement. The role of the QADevSecOps practitioner must evolve from ensuring the quality of software to assessing the...

Josh_Gibbs
Contrast Security
W6

Continuous Application Security Testing

Preview
Add to calendar
Wednesday, October 2, 2019 - 11:30am to 12:30pm

Because of its specialized nature, many aspects of application security testing are often assigned to testers from another team or another company, and they may be brought in to perform a point-in-time assessment prior to a release. Your team is interested in implementing continuous deployment, and automation seems like the obvious answer. But when attempting to automate your security tests, you may run into a wide variety of challenges beyond simply adding a tool into your build system. Josh Gibbs will discuss how to choose what to test, how to avoid slow tests, how to keep...

Thursday, October 3

Saltworks Security
T6

Large-Scale DevSecOps: Bringing Security Confidence to Chaotic Development

Preview
Add to calendar
Thursday, October 3, 2019 - 9:45am to 10:45am

Implementing application security (AppSec) programs on a large scale can often seem chaotic and unwieldy. Without the proper knowledge to implement robust AppSec tools, DevSecOps on a large scale can be overwhelming. And with the countless number of customizable build, task-tracking, and CI integration systems available, many companies don’t know where to begin implementation of DevSecOps. Join Dennis Hurst as he shares the knowledge necessary to wield powerful AppSec tools based on his experience with a variety of large corporate clients. Dennis will discuss common pitfalls and...