Secure Test Driven Development: Brakeman, Gauntlet, OWASP and the Work Still to Be Done - Ricky Rickard rrickardjr Bsides Cleveland 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)


In an increasingly connected world, security has come to the forefront. Developers hold one of the earliest opportunities to increase the security of their website or application. In this talk, we will examine using existing test driven development tools and practices to incorporate a greater emphasis on security into the development process. After a brief introduction, we will first look at test driven development and how it lends itself to secure practices. From there we will look at the 3 most significant tools for secure TDD: Brakeman, Gauntlt, and the OWASP Secure TDD project. We will run demos of all 3 tools, as well as explain their strengths and weaknesses. In conclusion, we will look at what needs to be done going forward to increase secure development practices as well as raise awareness for the concept of secure TDD.

I have been in information technology for over 20 years. I have recently switched over to the security side of information technology, specifically how the development and security aspects intertwine.



Copyright 2016, IronGeek