Thursday 22nd September, 2016
7:15pm to 8:00pm
The bigger the company you're working in, the more technologies and methodologies used by development teams you are going to face. At the same time, you want to address security risks in an appropriate, reliable and measurable way for all of them.
After a short introduction of a unified process for handling security requirements in a large company, the main part of the talk is going to focus on a tool called SecurityRAT (Requirement Automation Tool) which has been developed in order to support and accelerate this process. The goal of the tool is first to provide a list of relevant security requirements according to properties of the developed software, and afterwards to handle these in a mostly automated way - integration with an issue tracker being used as a core feature.
The tool was open sourced in May 2016 (available at https://github.com/SecurityRAT) and is continuously being further developed since then. The newest implemented features, work in progress and future plans will form the last part of the talk.
Sign in to add slides, notes or videos to this session