location_city Singapore schedule Oct 6th 10:35 - 11:20 AM place Legends I

More and more companies are switching to Agile and DevOps methodologies to enable continuous delivery.

And while development is becoming faster and faster and new features are released on a daily basis, application security is struggling to keep up.

For the most part application security seems to be stuck in the dark ages of waterfall.

In this talk Stefan will discuss a new approach to application security that enables Agile development teams to ship software at DevOps speed. 

 
 

Outline/Structure of the Experience Report

  • The importance of Agile and DevOps
  • A Brief History of Application Security
  • Making Application Security work in an Agile World
    • Shifting Responsibility (Rugged Software/Security Champions)
    • Manual vs automation
    • Annual PT vs continuous security
    • PDF reporting vs in-workflow reporting
  • Call to action
  • Conclusion 

Learning Outcome

  • Understanding Development from an AppSec point of view
  • Understanding of how Dev Sec and Ops can work together
  • Motivation to integrate AppSec into Agile

Target Audience

All audiences are welcome

schedule Submitted 4 years ago

Public Feedback