Penetration testing in agile cybersecurity environments

Alshra'a AS, Al Sardy L, German R (2024)


Publication Type: Book chapter / Article in edited volumes

Publication year: 2024

Publisher: CRC Press

Edited Volumes: Agile Security in the Digital Era

Pages Range: 126-161

ISBN: 9781003478676

DOI: 10.1201/9781003478676-6

Abstract

Penetration testing is a vital element of agile security frameworks confirming that security problems are addressed during the software development life cycle. In agile security environments, where quick development and endless integration are highlighted, penetration testing establishes simulated cyber-attacks to examine and identify security vulnerabilities and improve the overall security conditions in a computer system. Penetration testers are security professionals trained in ethical hacking to operate hacking tools and techniques that repair security weaknesses rather than yield threats. Hence, organizations employ penetration testers to launch simulated fake attacks on their applications, networks, and other assets. Generally, ethical hackers provide malware analysis, risk assessment, and other services, while penetration testers proactively identify vulnerabilities and weaknesses in software applications. Both conduct regular penetration tests within agile environments, which helps the organizations detect and remediate security shortcomings early. Furthermore, penetration testing enables a culture of security-conscious development and promotes collaboration between development and security teams, ultimately leading to more resilient and secure applications. This chapter provides detailed information regarding the integration of penetration testing techniques into agile development frameworks to overcome the frequently changing cybersecurity challenges. It discusses practical approaches, components, teams, and best practices for achieving efficient penetration tests within rapidly developing agile environments in addition to ensuring robust security measures throughout the software development life cycle.

How to cite

APA:

Alshra'a, A.S., Al Sardy, L., & German, R. (2024). Penetration testing in agile cybersecurity environments. In Mounia Zaydi, Youness Khourdifi, Bouchaib Nassereddine, Justin Zhang (Eds.), Agile Security in the Digital Era. (pp. 126-161). CRC Press.

MLA:

Alshra'a, Abdullah S., Loui Al Sardy, and Reinhard German. "Penetration testing in agile cybersecurity environments." Agile Security in the Digital Era. Ed. Mounia Zaydi, Youness Khourdifi, Bouchaib Nassereddine, Justin Zhang, CRC Press, 2024. 126-161.
