How to Move Mountains: Building an AppSec Program in a DevOps Environment

 

Pentesters are tired of breaking things, writing a report, and walking away. Security teams are caught in a backlog that prevents them from ever staying ahead. Developers curse security for slowing them down. How can we address these seemingly incompatible and insurmountable issues in an organization, especially at scale?

The answer to this may be found in DevOps Security, which has been gaining momentum in large organizations that need to move fast and ensure a high level of security across their applications and operations. It is a practice that attempts to address all of these issues through two core principles: automation and education.

Our Senior Security Researcher, Aaron Hnatiw, recently spoke at ToorCon 19 about these issues. Using experience gained from working with several large Fortune 500 companies, his talk covered the basics of DevOps Security, and dove into specific tools and processes that organizations of any size can implement to immediately improve their speed of delivery while maintaining a strong and measurable security baseline.

Watch the video and follow along with the slides below.

Slides: https://www.slideshare.net/AaronHnatiw/how-to-move-mountains-toorcon-2017

Follow Aaron on Twitter @insp3ctre

 

 
