Blending Automated and Manual Testing – AppSec USA 2015

DevOps puts an intense focus on automation – taking humans out of the loop whenever possible to allow frequent, incremental updates to production systems. However, thorough application testing often has multiple components – much of this can be automated, but manual testing is also required. This is inconvenient and not “DevOps-y,” but is unfortunately an unavoidable requirement in the real world.

 

This AppSec USA presentation with Axway’s Principal Application Security Engineer, Steve Springett, walks through Axway’s construction of their application security-testing pipeline and the decisions they were forced to make along the way to best maximize the use of automation while accommodating the reality of manual testing requirements.

Contact us for more information about how you can optimize your application vulnerability management program to pursue aggressive automation while also dealing with the realities of manual testing requirements.

About John Dickson

John Dickson web resolution

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd, the parent company of ThreadFix. He has more than 20 years' hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO's) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.