Posted on by Achim D. Brucker, licensed under CC BY-ND 4.0.

How to Enable Developers to Deliver Secure Code

The recording of the webinar on the benefits of applying security testing as early as possible in software development is now available online.

Security testing is an important part of any security development life-cycle (SDLC) and, thus, should be a part of any secure software development life-cycle. Still, security testing is often understood as an activity done by security testers in the time between “end of development” and “offering the product to customers”.

Traditional testing teaches that fixing bugs becomes more costly the later it is done in development. We therefore believe that security testing should be integrated into the daily development activities.

Based on the SDLC of a large software vendor, we will present the benefits of early security testing and discuss what is necessary to achieve a “security testing as development activity” approach.

The webinar was hosted by Checkmarx.
