Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

itsa 365: Two persons in front of a flip chart, name of the white paper
  • Whitepaper
  • Network and Application Security

Read the technical contribution

Automated security testing within the DevOps processes has to be supplemented with tests in the production environment in order to fully assess the app's performance.

An essential element of the DevOps approach is the integration of security tests in an early phase of the software development lifecycle (SDLC). The aim is to identify weak points in new applications at an early stage and to eliminate them cost-effectively before deployment. However, agility and speed are often more important than security in real development teams. In addition, web applications in particular are usually subject to frequent changes and are also attacked through increasingly sophisticated methods.

It is therefore necessary to test extensively after the deployment in order to get feedback about the behavior of the application in the real world, especially in regards to functionality, performance, error tolerance and user experience. Based on the traditional approach, in which special security teams test applications before deployment, the white paper describes the testing concepts of Shift Left (early in the SDLC) and Shift Right (in the production environment) and explains how these have a positive effect on application security, defining a new, iterative software development lifecycle.

 

A document on this subject is available in German. Would you like to read it? Switch to the German view.

close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.