In an increasingly connected world, security has come to the forefront. Developers hold one of the earliest opportunities to increase the security of their website or application. In this talk, we will examine using existing test driven development tools and practices to incorporate a greater emphasis on security into the development process. After a brief introduction, we will first look at test driven development and how it lends itself to secure practices. From there we will look at the 3 most significant tools for secure TDD: Brakeman, Gauntlt, and the OWASP Secure TDD project. We will run demos of all 3 tools, as well as explain their strengths and weaknesses. In conclusion, we will look at what needs to be done going forward to increase secure development practices as well as raise awareness for the concept of secure TDD.

I have been in information technology for over 20 years. I have recently switched over to the security side of information technology, specifically how the development and security aspects intertwine.

Back to Bsides Cleveland 2015 video list