Integrating automated (security) testing into your development process
Hans de Raad
Independent consultant, open-source enthusiast (openSUSE, Drupal, etc). Also a big classical music lover (artistic manager of the Huygensfestival in Voorburg, supporter of several international chamber music festivals in/around The Hague, The Netherlands). One of my companies basic philosophies is, if open-source provides you with a stable revenue (thank you, 10x), you should do something in return. So my company donates 10% of its annual profit to one of the projects we've been using that year. This contribution can also be by providing help, i.e. in 2015 I was project lead and organizer for openSUSE conference in The Hague!
No video of the event yet, sorry! Meanwhile...
Automated testing has become a normal part of developer life in the world of agile development processes. However, it is usually only focused on unit testing or behavior testing–either the technical or the functional realm of the application. What about security testing and other non-functional aspects of the application, like performance testing?
Especially if you work in strongly regulated environments like government, healthcare and finance, you'll have to continuously demonstrate that guidelines are being followed when it comes to aspects like input validation, auditability and traceability.
Drupal 8 already coincides with a great overhaul of the Drupal testing infrastructure, a great moment to look at some of the perhaps not so obvious items to test as well!
This presentation will go over a number of tools to deploy for security testing and give some practical advise on how to integrate these with your Continuous Integration setup:
static code analysis for coding style and technical debt
security testing tools
performance and UI testing tools
- 2016 June 26 10:00
- 1 h
- Seminarraum 2
- openSUSE Conference 2016
- Technology & Development