Glad You Could Join Us: Bringing Security into the DevOps Fold

Presented at AppSec USA 2016, Oct. 14, 2016, 3:15 p.m. (35 minutes)

We all know that "DevOps" is a pormanteau of Development and Operations, but where is the "Sec"? Security has long been the red-headed stepchild of the DevOps cultural movement. The time has come to fully integrate traditional security testing practices into a Continuous Delivery pipeline.   We will discuss the current state of security in DevOps, what it means to have a security pipeline, and some challenges and solutions of such a transformation.

Presenters:

• Bryan Batty
  Having spent more than ten years building secure software applications, Bryan Batty is now a Managing Consultant for Coveros, and focuses primarily on security and DevOps transformations, especially as it relates to building security into the software development pipeline. Over the past few years, he has had the opportunity to influence security policy, coach development teams on secure coding practices, conduct security assessments of web applications, automate security activities where practical, and deliver security training. When he is not working on projects, Bryan helps out with the Washington, DC chapter of OWASP, where he helps bring together DC-area IT professionals every month to discuss trending topics in application security. Bryan holds a Bachelor of Science in Computer Science and a Master of Science in Cybersecurity.

Links:

• https://appsecusa2016.sched.com/event/86we/glad-you-could-join-us-bringing-security-into-the-devops-fold

Similar Presentations:

• AppSec USA 2016 / DevOps to DevSecOps: a 2-dimensional view of security for DevOps
• AppSec USA 2016 / Continuous Security: DevOps and Ongoing Authorization
• AppSec USA 2016 / Moving to the Left: DevOps practices and the changing role of SecOps