Security / Penetration testing within your organisation/projects

A very brief survey into security testing attitudes within your development lifecycle

Question Title

* 1. What product development methodology most aligns with your organisation?

Scrum

Waterfall

Kanban

Other Agile

Lone Coder

Question Title

* 2. Where are the majority of your product offerings based?

Cloud provider (AWS etc)

Private hosting

Desktop software

no answer

Question Title

* 3. How often do you security test?

Project end

Sprint end

no answer

Other (please specify)

Question Title

* 4. How is your security testing performed?

Internally

Externally

no answer

Question Title

* 5. Roughly how much time has been used to repair/retest security issues found per project?

<1 day

1 day

2 days

3 days

4 days

5 days

6 days

7 days

>7 days

no answer

Other (please specify)

Question Title

* 6. How best describes your feelings on security testing?

Necessary

It slows down development

no answer

Love it

Question Title

* 7. Are you aware of any breaches in your organisation or projects in the past 12 months (however minor)?

yes

no answer

Question Title

* 8. After a clean security review, when do you re-test your projects?

yearly

monthly

weekly

ad-hoc

Other

Continually (please specify)

Question Title

* 9. How long is "too long" for a security test turn around (assuming test started today)

a day

a week

more than a week but less than a month

a month

no answer

Question Title

* 10. What is your role within your organisation and are there any other comments you would like to make on security testing/pen testing as a practice?