In Agile’s fast-paced environment and frequent product releases, security reviews and testing sound like an impediment to success. How can you keep up with Agile demands of continuous integration and deployment without abandoning security best practices?
In this case study, we host Yair Rovek- Security Specialist at LivePerson — to share with us his experiences in leading a successful implementation of a secure SDLC. LivePerson is a provider of SaaS technologies that help businesses create real-time meaningful connections with customers. Each month, over 1.5 billion visitors over the web are observed by the LivePerson’s platform. LivePerson’s R&D center includes hundreds of developers who have adopted Agile and Scrum-based methods.
In particular, Yair will detail ten steps to creating a holistic secure SDLC process in an Agile SaaS world.
– Engage scrum teams by showing them the value of enforcing security best practices
– Adopt a security API, such as OWASPs ESAPI, as a baseline for a clear and documented policy
– Integrate source code analysis with security modules throughout the build process
– Set automated tools to meet the requirements of short and rapid development cycles