Before performing security testing of an application, it's important to communicate your plans with anyone who might be impacted by your testing. In this video, learn how to develop and implement a communication plan for your activity.
- [Instructor] Building security into your project plans is a great first step, but you're only getting started. You also need to develop an effective communication plan. When I put together my own communication plans, I don't go for anything fancy or complicated. Your goal should be rock simple. Keep everyone on the same page. You need to spend time on a communication plan for your offline application security testing activities because they will have some level of impact on everyone involved. Testing can impact schedules or deadlines. If flaws need to be remediated before subsequent development can occur, then everyone impacted will need to know when one of these flaws is discovered, and when it's going to be remediated. Testing also requires resources, whether it's a developer, an analyst, or a security professional, someone needs to run those tests. Someone needs to interpret the results and provide guidance on how to address any findings. …
- Security frameworks
- OWASP Top Ten
- Building Security In Maturity Model (BSIMM)
- Planning your testing projects
- Creating security policies
- Source code reviews
- Application threat modeling
- Offline testing for OWASP Top Ten vulnerabilities
Skill Level Intermediate
What you should know (1m 17s)
1. Leading Practices
2. Security Documentation
3. Source Code Security Reviews
4. Offline Testing for the OWASP Top Ten (2017)
Next steps (3m 18s)