Application Security in an Agile World

development-practices-craftsmanship Accepted Experience Report 45 Mins Beginner appsec agile-security devsecops rugged-devops
Stefan Streichsbier
Stefan Streichsbier
CTO
Vantage Point
location_city Singapore schedule Oct 6th 10:35 - 11:20 AM place Legends I

More and more companies are switching to Agile and DevOps methodologies to enable continuous delivery.

And while development is becoming faster and faster and new features are released on a daily basis, application security is struggling to keep up.

For the most part application security seems to be stuck in the dark ages of waterfall.

In this talk Stefan will discuss a new approach to application security that enables Agile development teams to ship software at DevOps speed. 

 
2 favorite thumb_down thumb_up 2 comments visibility_off  Remove from Watchlist visibility  Add to Watchlist
 

Outline/Structure of the Experience Report

  • The importance of Agile and DevOps
  • A Brief History of Application Security
  • Making Application Security work in an Agile World
    • Shifting Responsibility (Rugged Software/Security Champions)
    • Manual vs automation
    • Annual PT vs continuous security
    • PDF reporting vs in-workflow reporting
  • Call to action
  • Conclusion 

Learning Outcome

  • Understanding Development from an AppSec point of view
  • Understanding of how Dev Sec and Ops can work together
  • Motivation to integrate AppSec into Agile

Target Audience

All audiences are welcome

Slides


https://speakerdeck.com/player/b09e83e9bc8545d8aa72771c5eda2bc2?feature=oembed

Video


https://www.youtube.com/embed/8LucxSJdQBk?feature=oembed

Links

https://engineers.sg/video/devsecops-the-big-picture-culture-processes-and-technologies-on-a-high-level-devsecopssg--556

schedule Submitted 4 years ago

Public Feedback

    Call for Proposals CLOSED
    Ended on Aug 13 '16 04:33 PM +08
    Active Members