Creating application security resilience during the pandemic
Covid-19 webinar
Simon Roe, Product Manager
May 13, 2020
Covid-19 changed the world as we know it
Lockdown – changing the way we live and work
8.4bn – the number of records exposed in Q1 2020
273% increase from 2019
Mostly from the web
The Covid-19 ripple effect
Launch now, test later?
• Web application is the #1 attack vector for data breach
• 44% of organizations don't test the security of their web apps before launch
• Knowing your security posture is more important than ever
The old Pen test in the current climate
Cyber hygiene is your best defense
• Yes. The benefits gained are very valuable
• Find the backdoors – or things your automated tools miss
• Risk prioritisation
• Improve detection and alerting (OWASP Top 10 2017 A10)
• Validate your controls
• Comply with local, national and international regulations
• It helps fill in the blanks from your automated scanning
This is what you think you pay for
A 10 day total Penetration test at an agreed ‘Day rate’ ($750-$1,000+)
Test Application (10 Days / $7,500)
But what about these costs?
Your 10 day test is really 15 – 20 days
The day rate of your in house staff ($500)
• Tender (2 days / $1,000)
• Appoint company, negotiate contract (5 days / $2,500)
• Scope, agree start date (2 days / $1,000)
Upfront cost + Test Application (10 + 9 = 19 Days / $12,000): + 9 days, + $4,500
Wait, there’s even more costs
A 10 day test is likely 8 days testing, with 1 day report writing and 1 day hand over, and maybe some delays thrown in during testing
Upfront cost + Test Application (19 – 2 = 17 Days / but the cost is still $12,000)
• Review the report (3 days / $1,500)
• Create remediation issues (2 days / $1,000)
• Remediate (10+ days / $5,000)
Adding another 15+ days and $7,500 = potentially $19,500!!
The real cost of that $750/day test
$$ → $$$$ → $$$$$$
• Go to tender
• Find your supplier
• Scope out the app
• Negotiate the contract
• Review the findings
• Add them to your issue tracking / backlog
• Remediate
Worse still… it delivers poor value
You don’t get what you pay for
• Delays happen when you are not ready for the testers
• Testing can impact production, leading to a rescope and loss of time
• Wait for the report to be written
• Your ‘10 day test’ probably results in 5 days of manual testing effort
It costs you more money and delivers less value
• You think of the ‘test’ as a number of ‘man days’. It’s a false economy: you miss all the other costs before and after the test
• Your test is likely 50% automation with some review of findings, a day for the report and a day for the hand over
• You cannot work on remediation until the test finishes (delays) and you have been given the report
• Likely you will be juggling false positives and subjective findings, with no real way to query or clarify the issues
• You cannot easily verify that your development teams have fixed the issues reported
And yet you still do it
Changing the way you test apps
Next Gen Appsec program
• Annual contracts
• Pool of testing, requested on demand
• Zero false positives
• Findings posted to UI, available for remediation during testing
• Direct access to the analysts
• Ability to request verification of remediation activities
• Customers save time & money whilst being able to request testing that suits their timelines and SDLC processes
Continuous assessment for Critical Applications
• 365 monitoring
• Daily assessments
• Regular manual assessment
• Findings presented as soon as they are assessed
On demand for everything else
• Like major streaming TV stations: you tell us when you want to consume a license
• Fixed fee – know the cost upfront
• Up to thirty days of manual testing and remediation advice
• No false positives
Old vs New: build application security resilience
Old: hidden costs per test
New: fixed upfront cost
Old: you test when you can, and pause your Dev.
New: test continuously, or on demand, as part of the Dev process
Old: you remediate long after the test has finished
New: you remediate whilst the test is still ongoing
#StandByYou during Covid-19
Talk to us to find out how to take advantage of our security testing offers to maintain your cyber hygiene
https://marketing.outpost24.com/mkg/standbyyou-during-covid-19
Questions
Simon Roe
Product Manager - Appsec
sro@outpost24.com
ThousandEyes
 
Transforming Product Development using OnePlan To Boost Efficiency and Innova...
Transforming Product Development using OnePlan To Boost Efficiency and Innova...Transforming Product Development using OnePlan To Boost Efficiency and Innova...
Transforming Product Development using OnePlan To Boost Efficiency and Innova...
OnePlan Solutions
 
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVMAll you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM
Alina Yurenko
 
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data PlatformAlluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio, Inc.
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
Alina Yurenko
 
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
The Third Creative Media
 
Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.
KrishnaveniMohan1
 
The Comprehensive Guide to Validating Audio-Visual Performances.pdf
The Comprehensive Guide to Validating Audio-Visual Performances.pdfThe Comprehensive Guide to Validating Audio-Visual Performances.pdf
The Comprehensive Guide to Validating Audio-Visual Performances.pdf
kalichargn70th171
 
Computer Science & Engineering VI Sem- New Syllabus.pdf
Computer Science & Engineering VI Sem- New Syllabus.pdfComputer Science & Engineering VI Sem- New Syllabus.pdf
Computer Science & Engineering VI Sem- New Syllabus.pdf
chandangoswami40933
 
Secure-by-Design Using Hardware and Software Protection for FDA Compliance
Secure-by-Design Using Hardware and Software Protection for FDA ComplianceSecure-by-Design Using Hardware and Software Protection for FDA Compliance
Secure-by-Design Using Hardware and Software Protection for FDA Compliance
ICS
 
The Rising Future of CPaaS in the Middle East 2024
The Rising Future of CPaaS in the Middle East 2024The Rising Future of CPaaS in the Middle East 2024
The Rising Future of CPaaS in the Middle East 2024
Yara Milbes
 
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom KittEnhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Peter Caitens
 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
confluent
 
What is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdfWhat is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdf
kalichargn70th171
 
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSISDECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
Tier1 app
 

Recently uploaded (20)

Streamlining End-to-End Testing Automation
Streamlining End-to-End Testing AutomationStreamlining End-to-End Testing Automation
Streamlining End-to-End Testing Automation
 
ppt on the brain chip neuralink.pptx
ppt  on   the brain  chip neuralink.pptxppt  on   the brain  chip neuralink.pptx
ppt on the brain chip neuralink.pptx
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
Microsoft-Power-Platform-Adoption-Planning.pptx
Microsoft-Power-Platform-Adoption-Planning.pptxMicrosoft-Power-Platform-Adoption-Planning.pptx
Microsoft-Power-Platform-Adoption-Planning.pptx
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Transforming Product Development using OnePlan To Boost Efficiency and Innova...
Transforming Product Development using OnePlan To Boost Efficiency and Innova...Transforming Product Development using OnePlan To Boost Efficiency and Innova...
Transforming Product Development using OnePlan To Boost Efficiency and Innova...
 
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVMAll you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM
 
bgiolcb
bgiolcbbgiolcb
bgiolcb
 
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data PlatformAlluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
 
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
 
Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.
 
The Comprehensive Guide to Validating Audio-Visual Performances.pdf
The Comprehensive Guide to Validating Audio-Visual Performances.pdfThe Comprehensive Guide to Validating Audio-Visual Performances.pdf
The Comprehensive Guide to Validating Audio-Visual Performances.pdf
 
Computer Science & Engineering VI Sem- New Syllabus.pdf
Computer Science & Engineering VI Sem- New Syllabus.pdfComputer Science & Engineering VI Sem- New Syllabus.pdf
Computer Science & Engineering VI Sem- New Syllabus.pdf
 
Secure-by-Design Using Hardware and Software Protection for FDA Compliance
Secure-by-Design Using Hardware and Software Protection for FDA ComplianceSecure-by-Design Using Hardware and Software Protection for FDA Compliance
Secure-by-Design Using Hardware and Software Protection for FDA Compliance
 
The Rising Future of CPaaS in the Middle East 2024
The Rising Future of CPaaS in the Middle East 2024The Rising Future of CPaaS in the Middle East 2024
The Rising Future of CPaaS in the Middle East 2024
 
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom KittEnhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
 
What is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdfWhat is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdf
 
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSISDECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
 

Outpost24 webinar - Covid-19: Driving application security resilience in times of crisis

11. The real cost of that $750/day test
$$ $$$$ $$$$$$
• Go to tender
• Find your supplier
• Scope out the app
• Negotiate the contract
• Review the findings
• Add them to your issue tracking / backlog
• Remediate

13. You don’t get what you pay for
• Delays happen when you are not ready for the testers
• Testing can impact production, leading to a rescope and loss of time
• Wait for the report to be written
• Your ‘10 day test’ probably results in 5 days of manual testing effort

14. It costs you more money and delivers less value
• You think of the ‘test’ as a number of ‘man days’. It’s a false economy. You miss all the other costs before and after the test
• Your test is likely 50% automation with some review of findings, a day for the reports and a day for the hand over
• You cannot work on remediation until the test finishes (delays) and you have been given the report
• Likely you will be juggling false positives, subjective findings and have no real way to query or clarify the issues
• You cannot easily verify that your development teams have fixed the issues reported
And yet you still do it

15. Changing the way you test apps

16. Next Gen Appsec program
• Annual contracts
• Pool of testing, requested on demand
• Zero false positives
• Findings posted to UI, available for remediation during testing
• Direct access to the analysts
• Ability to request verification of remediation activities
• Customers save time & money whilst being able to request testing that suits their timelines and SDLC processes

17. Continuous assessment for Critical Applications
• 365 monitoring
• Daily assessments
• Regular manual assessment
• Findings presented as soon as they are assessed

18. On demand for everything else
• Like major streaming TV stations: you tell us when you want to consume a license
• Fixed fee – know the cost upfront
• Up to thirty days of manual testing and remediation advice
• No false positives

19. Old vs New: Build application security resilience
Old: hidden costs per test
New: fixed upfront cost
Old: You test when you can, and pause your Dev.
New: Test continuously, or on demand, as part of the Dev process
Old: you remediate long after the test has finished
New: you remediate whilst the test is still ongoing
$$

20. #StandByYou during Covid-19
Talk to us to find out how to take advantage of our security testing offers to maintain your cyber hygiene
https://marketing.outpost24.com/mkg/standbyyou-during-covid-19

21. Questions
Simon Roe, Product Manager - Appsec
sro@outpost24.com