STAREAST 2024 Tutorial: Application Security Tools for Continuous Testing

Monday, April 26, 2021 - 2:00pm to 5:30pm

Application Security Tools for Continuous Testing

There are lots of tools out there to support security testing activities. You’ve probably seen some of the acronyms used to describe them when looking at marketing material or reading about application security: SAST, DAST, IAST, RASP, etc. But the question is always which tools to use where within your testing process. This is particularly important in a DevOps model where continuous testing is used to continuously validate code as it changes. Selecting the wrong tools or using them at the wrong place can impact your delivery process significantly. In this tutorial, Jeffery Payne discusses the various types of security tools available and how they are typically used within a rigorous continuous testing process. Key types of security testing are explained with a focus on where to apply what tooling. Demonstrations are given of various open-source and commercial tools to show how they work and what the pros and cons of each type of security testing are. Learn all about security testing tools during this tutorial. Take home valuable information on what tools fit where in a continuous testing process.

Jeff Payne
Coveros

Jeffery Payne is CEO and founder of Coveros, Inc., a company that helps organizations accelerate software delivery using agile methods. Prior to founding Coveros, he was the co-founder of application security company Cigital, where he served as CEO for 16 years.

Jeffery is a recognized software expert and popular keynote speaker at both business and technology conferences on a variety of software quality, security, DevOps, and agile topics. He has testified in front of Congress on issues such as digital rights management, software quality, and software research.

Jeffery is the technical editor of the AgileConnection community (www.agileconnection.com).