This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

AppSecEU08 Security framework is not in the code

From OWASP
Revision as of 06:31, 16 May 2008 by Sammyrulez (talk | contribs) (New page: The speech will focus on how a Security management framework effects the life-cycle of a web application and how to put developers and functional analysts in control of a security risk man...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The speech will focus on how a Security management framework effects the life-cycle of a web application and how to put developers and functional analysts in control of a security risk management framework. In the first part there will be a quick overview of what a Security management framework is, best practice on how to deal with it and the role played in the architectural design phase, the development phase, the test phase and the enhancement phase. The second part is more about tools and behaviours that could lead to a set of data that can be evaluated to fulfill a security risk management in web application development. The objective is to demonstrate that security management can be plugged in in both classical and agile development life-cycle in a unintrusive manner.