  • Product Presentation
  • Technik I
  • Trend topic

Application Security after the Pandemic - the New Software Development Lifecycle

A new approach for the SDLC unifies security and speed during development of web apps.

10/8/2020 4:00:00 PM – 10/8/2020 4:15:00 PM

This action is available to the it-sa 365 community as a video.

Language: German

Questions and Answers: Yes

Action description

The trend towards working from home, which will persist beyond the pandemic, combined with the significantly accelerated migration to the cloud and the need for agile development methods, poses considerable challenges to application security. Applications have to go live as quickly as possible and undergo frequent changes, which is why security is often not the top priority in DevOps concepts. In recent years, however, automated security tests have increasingly been integrated dynamically into the CI/CD process and supplemented by penetration tests to ensure that the new application is not hacked the second it goes live.

This so-called "Shift Left" approach to security has been advocated for almost 10 years. "Shift Left" stands for performing security evaluations as early as possible in the Software Development Lifecycle (SDLC) to prevent vulnerabilities from ever reaching the test phase. This approach is designed to give developers the tools they need to produce secure code, which reduces the likelihood that you will have to start over and fix defects after the test phase.

At the same time, however, there is also the "Shift Right" approach to security, which focuses less on fixing errors and more on mitigating vulnerabilities. Shift Right security is orchestrated by InfoSec and Operations teams. It reduces the risk of an attack on the software by protecting against the exploitation of known and unknown vulnerabilities in the production environment. The combination of Shift Left and Shift Right creates an iterative process, or a new SDLC, in which developers can also act on feedback and experience from production operation.

Find out in our presentation what a secure software development lifecycle can look like in pandemic and post-pandemic times.

Speaker