Friday 27th June, 2014
2:30pm to 3:15pm
How can you be sure your application is 'secure'? Or 'secure enough'? The answer off course, is Security Testing. But which kind of testing? How much? When? By whom? How? And most important to the customer / manager: how much is it going to cost.
In this talk I'll be presenting the 'Application Security Verification Standard 2013' (ASVS) by the OWASP Foundation. A comprehensive framework for determining a security 'level' and steps to take to 'verify' this level. With this tool you'll be able to answer all the questions above.
I'll also talk briefly on how it integrates with a Secure Software Development Lifecycle at Ibuildings.
Personal professional microblog of Dutch Application Security Consultant. Opinions are my own and do not reflect my employer. bio from Twitter
Sign in to add slides, notes or videos to this session