Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

We present a case study showing how our Extended Agile Security Testing performs compared to a more ad hoc approach used within an organization

Gencer Erdogan; Per Håkon Meland; Derek Mathieson

2010

Scholarcy highlights

  • There is a need for improved security testing methodologies specialized for Web applications and their agile development environment
  • We present a case study showing how our Extended Agile Security Testing performs compared to a more ad hoc approach used within an organization
  • Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests
  • Our results show a clear indication that our hypothesis is on the right track
