Application Security in an Agile World
More and more companies are switching to Agile and DevOps methodologies to enable continuous delivery.
And while development is becoming faster and faster and new features are released on a daily basis, application security is struggling to keep up.
For the most part application security seems to be stuck in the dark ages of waterfall.
In this talk Stefan will discuss a new approach to application security that enables Agile development teams to ship software at DevOps speed.
Outline/Structure of the Experience Report
- The importance of Agile and DevOps
- A Brief History of Application Security
- Making Application Security work in an Agile World
- Shifting Responsibility (Rugged Software/Security Champions)
- Manual vs automation
- Annual PT vs continuous security
- PDF reporting vs in-workflow reporting
- Call to action
- Understanding Development from an AppSec point of view
- Understanding of how Dev Sec and Ops can work together
- Motivation to integrate AppSec into Agile
All audiences are welcome