Continuous Security Testing

by Rudolf Groetz

11. 11. 2020 from 14:45

About the presentation

Security rules (compliance rules, controls), in the sense of rule conformity, seem to contradict our digitally transforming, agile world. At first glance, agility does not go hand in hand with excessive caution and strict compliance with regulations such as PCI Data Security Standards, Prudential Regulation Authority, etc. Is it possible for regulated industries to deliver new products and services at high speed, continuously, while meeting their regulatory compliance obligations?

The answer is a resounding yes. One of the solutions is to embed regulatory compliance into the software development or delivery process. The presentation will show how open-source tools were used to take the first step with Compliance as Code and how security tests in an AppSec pipeline were automated in subsequent steps.

Key takeaways

Embed regulatory compliance into the software development or delivery process.

Use open-source tools to take the first step with Compliance as Code.

Automate security tests in an AppSec pipeline in subsequent steps.

Who will benefit

Product Owners, Developers and Testers.

About Rudolf Groetz

Rudolf Groetz has been working in IT for 30 years and is a passionate software tester. He works in the field of software testing as an agile engineering coach in the Test & Test Automation department at Raiffeisen Bank International in Vienna and lives by the motto "Test automation is not an act, test automation is a habit!" In addition to writing professional articles for various magazines, he gives conference presentations to the community and organizes the Vienna Agile Test Automation Meetup, which has more than 950 members.