How to integrate security into Agile SDLC using OWASP Application Security Verification Standard presented at saintcon 2016

by Dmitry Dessiatnikov,

Summary : OWASP Top 10 awareness document debuted in 2003 and since then has been widely adopted as a standard. It is a great introductory resource, but only covers top 10 risks, what about #11? Now in 2016 meet OWASP Application Security Verification Standard (ASVS) v.3.0.1.
This is an introductory presentation about what OWASP ASVS is and how to use it to integrate security into the aspects of Agile software development process. Such activities as definition of security-focused user stories, both functional and non-functional requirements will be discussed. The presentation will cover how to inject security and privacy considerations into the early phases of the Agile software development process to address the risks of security bugs pushed to production during frequent releases.
Who should attend this presentation?
This course is designed for software developers, SCRUM team members, application security professionals, software security auditors and quality assurance engineers.