Agile Development Testing

Flexible testing to provide cybersecurity assurances throughout the development lifecycle

What is agile development testing?

Traditional penetration testing typically takes place at the end of the development lifecycle, prior to go-live, ensuring that no major security flaws are present. This approach certainly has its place, and we would always recommend testing whole applications and systems annually.

However, in today’s fast-moving DevOps world, this approach should be complemented with flexible, less time-consuming and more ad-hoc testing that fits with the agile development methodology.

In these cases, clients don’t want a full penetration test of their entire application. Rather, they want to spend a short amount of time looking at a particular update, or a new feature of the application, delivering findings quickly via a ticketing system, or even over a Slack channel.

Our agile development penetration testing service has been designed to meet these flexible needs.

Flexible to your requirements

Once a set number of days has been agreed upon, our experienced security consultants will be placed on standby, ready to respond quickly to your testing requirements.

Focus on specific features/functionality

Our agile testing allows you to concentrate your efforts on new features being released or functionality that has not been tested previously.

Value throughout the development lifecycle

Agile testing can be deployed throughout the development process, helping catch issues early and prevent potential security headaches further down the line.

Provide security assurances

Our testing is here to provide you, and your stakeholders, with the assurances you require: that the development areas under review are as secure as possible.

What we review

How we approach agile testing

Our agile testing methodology will be tailored to each engagement and will be based on your requirements. Whilst every engagement is different, examples of what we review include:

Security configuration & authentication

Application functionality, technology & data flow

Susceptibility to Cross-Site Scripting (XSS), SQL & other injection attacks

Data transfer security, password and sensitive data storage

Logic flaws such as access control & broken authorisation

Testing against OWASP Top 10 vulnerabilities

Not sure what type of testing you need?

Our team will be happy to discuss your individual requirements and provide a no-obligation proposal based on your needs.

Our approach

The security confidence we provide doesn’t come from a one-size-fits-all solution.

Every web application penetration test goes through a rigorous process to ensure you get the best possible results. Below we outline the key stages our testing goes through:

1. Client Focused Scoping

We work closely with you to fully understand your organisation, your development processes, the application/s in question and your desired outcomes.

2. Proposal

A proposal will be drawn up outlining the number of consultancy days needed to meet your requirements, as well as detailing any prerequisites.

3. Expert Testing

When testing is required, we will agree the number of testing days to be allocated and our expert consultants will perform testing as soon as possible.

4. Reporting

We will report security issues immediately. This will be in a format that suits your development team, be it over chat, via ticketing (e.g. JIRA), email or otherwise.

5. Call Off

Our team will continue to be available for testing requirements until the overall consultancy days agreed upon have been fully utilised.

6. Post-test Support

Your test consultants will be made available after testing to explain their findings, pass on their expertise and provide support to your development team.

Like the sound of our approach?

You can find out more about our test process and why it sets us apart.
