Bhushan Gupta, Gupta Consulting, LLC.
Cybersecurity is one of the major issues that IT industry is facing today. The threat of a security breach exists at IT infrastructure perimeter, network, hosting environment, and application levels and its extent is on the rise. Additionally, the cybersecurity hackers are constantly on the move to find new ways to invade IT security which makes it difficult for the organizations to keep its security promise to its customers.
The objective of this workshop is to understand and learn important elements of a web application security and a development lifecycle that will yield a sound web application with minimal security risk. Using OWASP framework, the course first analyzes the most critical web application security risks with respect to access control, network OSI, encryption, environment, and deployment process. For a typical iteration in an agile development environment, it then lays out security related stories and acceptance criteria thus building a sound software development lifecycle (SDLC). The focus of this course is to provide a thorough understanding of security risks and how they can be overcome by following a well-designed development lifecycle.
When the workshop is completed, the attendees will be able to:
- Understand security threats and stakeholders for a web application
- Establish security activities and acceptance criteria for an agile iteration
- Evaluation of security status at the end of each iteration
- Security assessment and reporting prior to release
- Customization of product lifecycle with security focus
Target Audience: Intermediate
Bhushan Gupta, 2016 Workshop, Abstract, Paper, Slides, Notes, Video.