Components of the AppSec Engine, Part 1

Presented by

Fulya Sengil, Sr Solution Architect, Veracode

About this talk

If you're planning to build a car engine, you'd probably start by researching instructions, collecting the necessary parts, and establishing a process to ensure that the build goes smoothly. The same goes for building an application security (AppSec) program. You'd need to figure out what AppSec tests you want to include, how you're going to incorporate them into the software development lifecycle (SDLC), and what process you're going to use – waterfall, agile, or DevOps. But you don't have to figure out how to build a car engine, or AppSec program, by yourself. Join us for part one of our three-part webinar series for tips on building, maturing, and maintaining an AppSec program. We will examine the various AppSec testing types – static analysis, software composition analysis, dynamic analysis, interactive application security testing, and penetration testing – determine which tests you should start with, and where they should go in the SDLC. We will then explore the various methodology types and modern application architecture.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (396)
Subscribers (31056)
Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at