Handling of Security Requirements in Software Development Lifecycle

A session at OWASP NL Chapter Meeting

Thursday 22nd September, 2016

7:15pm to 8:00pm (AMT)

The bigger the company you're working in, the more technologies and methodologies used by development teams you are going to face. At the same time, you want to address security risks in an appropriate, reliable and measurable way for all of them.

After a short introduction of a unified process for handling security requirements in a large company, the main part of the talk is going to focus on a tool called SecurityRAT (Requirement Automation Tool) which has been developed in order to support and accelerate this process. The goal of the tool is first to provide a list of relevant security requirements according to properties of the developed software, and afterwards to handle these in a mostly automated way - integration with an issue tracker being used as a core feature.

The tool was open sourced in May 2016 (available at https://github.com/SecurityRAT) and is continuously being further developed since then. The newest implemented features, work in progress and future plans will form the last part of the talk.

About the speakers

This person is speaking at this event.
Daniel Kefer
This person is speaking at this event.
René Reuter

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 7:15pm8:00pm AMT

Date Thu 22nd September 2016

Short URL


View the schedule


See something wrong?

Report an issue with this session