DevOps enables you to release features and bug fixes faster than ever before. However, traditional security activities can’t seem to keep up with this fast-paced tempo. How can you make sure security doesn’t get left behind? Ignoring security bugs won’t make them go away. Instead of waiting to fix security vulnerabilities until after they wreak havoc on your applications, treat them like any other bug within your DevOps process.
By injecting security testing at the right time, at the right depth, by using the right tools and defining the right processes, and with the right people, you can:
1. Reduce DevSecOps friction.
2. Increase release velocity.
3. Improve quality, and security
Required audience experience:
Basic knowledge of CI/CD and DevOps. Basic knowledge of application security testing and tools used for static analysis, dynamic analysis, software composition analysis.
Objective of the talk:
The main objective of the talk is to provide actionable insight into these activities:
1. Agile and DevSecOps
2. Industry trends
3. Building security into your DevOps SDLC
4. Integrating the right tools in the DevOps pipeline
5. Breaking builds
6. Drawing on case studies for inspiration