Pragmatic Application Security
Thoughts about Secure Development & AppSec Test Automation
I was recently at the OWASP AppSec Conference in Dublin where I was attending a terrific talk by Chris Romeo about DevSecOps fails. Although I could absolutely agree with most of his points, there was just one, which I often hear in this context, that I do have a different opinion about. And that is … Read more
The idea of integrating security into the software development process is not new. I can’t say for sure if Microsoft really was the first one who came up with this concept, but the Secure Development Lifecycle (SDL) that Microsoft published in 2002 lay doubtless the foundation of what is today generally referred to as a … Read more
Agile software development has gotten more and more attention in the last couple of years. Not only internet startups or media agencies but also large companies from conservative business lines like automotive, banking, insurance, and the public sector are more and more adjusting to the agile world. Since those companies are often already very much … Read more