Prioritizing and Testing Non-Functional Requirements: A Practical Guide

Engineering secure software is hard to do! In this talk, I discuss two high-level, requirements-based approaches to improving software quality. The first is using a requirements analysis technique that enables well-reasoned decisions about which combination of software quality attributes you should design and build into your software. The second is leaning into modern software engineering approaches like Agile and DevSecOps principles, specifically the adoption of automated testing of your requirements and taking an iterative approach to requirements analysis and testing.