Episode-467-Kim-Carter-on-Dynamic-Application-Security-Testing

Episode Highlights
Tool Integration
Integrating security tools into the software development lifecycle is crucial for ensuring comprehensive assessments. Kim Carter explains how the OWASP Purple Team project facilitates this integration by offering a language-agnostic CLI that can be embedded into any build pipeline. This flexibility allows developers to customize their security testing environment, adapting it to various project needs. Carter notes, "We haven't come across any build pipelines that we couldn't install it into," highlighting the tool's adaptability.
Code Quality
Security practices and tools like DAST play a vital role in enhancing code quality by reducing defects. Carter shares insights on how repeated exposure to similar defects encourages developers to adopt better practices, such as introducing new libraries or techniques to prevent recurring issues. This proactive approach not only improves the software architecture but also aligns with principles of test-driven development. "It's about creating loosely coupled components that can change easily," Carter emphasizes, underscoring the importance of adaptable design.
Related Episodes


366: Test Automation

SE-Radio-Episode-309-Zane-Lackey-on-Application-Security

SE Radio 568: Simon Bennetts on OWASP Dynamic Application Security Testing Tool ZAP

Episode 128: Web App Security with Bruce Sams

Episode 167: The History of JUnit and the Future of Testing with Kent Beck
Episode 115: Architecture Analysis

Episode 133: Continuous Integration with Chris Read
Episode 103: 10 years of Agile Experiences

Episode 441 Shipping Software - With Bugs

Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning

SE-Radio Episode 256: Jay Fields on Working Effectively with Unit Tests

Episode 112: Roles in Software Engineering II

Episode 59: Static Code Analysis

SE-Radio Episode 283: Alexander Tarlinder on Developer Testing

Episode 155: Johannes Link & Lasse Koskela on TDD














