Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
This talk explores how to mature application security programs through ASVS-driven development. Learn how organizations can overcome the common struggle of creating effective AppSec programs by leveraging the OWASP Application Security Verification Standard (ASVS) as both a security requirements framework and a guide for testing. Discover how turning security requirements into "just requirements" creates a common language for all SDLC stakeholders. The presentation shares research showing that 58% of ASVS requirements (162) can be automatically verified through various testing methods, and demonstrates a case study where 90 ASVS requirements were implemented as security tests in just 10 man-days. See how this approach creates a unified security theme throughout the development lifecycle, making security everyone's responsibility rather than falling into the trap of merely fixing tool-generated vulnerabilities.
