Components of the AppSec Engine, Part 1

Presented by

Fulya Sengil, Sr Solution Architect, Veracode

About this talk

If you're planning to build a car engine, you'd probably start by researching instructions, collecting the necessary parts, and establishing a process to ensure that the build goes smoothly. The same goes for building an application security (AppSec) program. You'd need to figure out what AppSec tests you want to include, how you're going to incorporate them into the software development lifecycle (SDLC), and what process you're going to use – waterfall, agile, or DevOps. But you don't have to figure out how to build a car engine, or AppSec program, by yourself. Join us for part one of our three-part webinar series for tips on building, maturing, and maintaining an AppSec program. We will examine the various AppSec testing types – static analysis, software composition analysis, dynamic analysis, interactive application security testing, and penetration testing – determine which tests you should start with, and where they should go in the SDLC. We will then explore the various methodology types and modern application architecture.

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (354)
Subscribers (29558)
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.