As organizations prepare to deploy new applications or make significant changes to existing applications, they develop project plans to track this activity. In this video, learn how to incorporate web application security testing into internal project plans.
- [Instructor] Incorporating offline … application security testing into internal project plans … is a terrific way to keep costs down … while you're building security in. … With application development methodologies … expecting developers to more and more quickly though, … when does it make sense to develop a project plan at all? … Project plans are pretty common … in shops that use the waterfall methodology. … And they even have a home in agile environments. … DevOps is another animal entirely. … Regardless, there are two scenarios … where you'll find value in project planning, … even if it's just an academic exercise. … Brand new deployments … and significant changes to existing apps. … Brand new deployments are easy to identify. … If it didn't exist yesterday, … and it's going to exist tomorrow, … Significant changes, that can be a little trickier. … When you want to determine … whether or a not a change is significant, … keep focusing on what's new. … Are you adding entirely new functionality to the app? …
- Security frameworks
- OWASP Top Ten
- Building Security In Maturity Model (BSIMM)
- Planning your testing projects
- Creating security policies
- Source code reviews
- Application threat modeling
- Offline testing for OWASP Top Ten vulnerabilities
Skill Level Intermediate
DevSecOps: Automated Security Testingwith James Wickett1h 35m Intermediate
Security Testing Essential Trainingwith Jerod Brennen2h 48m Beginner
Security Testing: Nmap Security Scanningwith Mike Chapple1h 46m Intermediate
What you should know1m 17s
1. Leading Practices
2. Security Documentation
3. Source Code Security Reviews
4. Offline Testing for the OWASP Top Ten (2017)
Next steps3m 18s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.