RoboCop - Bringing law and order to CICD

Presented at RVAsec 2017, June 9, 2017, 2 p.m. (50 minutes)

In the movie, RoboCop is given three primary directives: "Serve the public trust, Protect the innocent, and Uphold the law". We built our own RoboCop in order to bring law and order to our CICD pipeline. DevOps practices are all about enabling fast and frequent delivery of new software. In order to keep pace in a DevOps culture, application security must be reliably integrated into the CICD pipeline. In this talk, I will show how our small AppSec team combined automated tools along with human oversight in order to achieve our directives at scale, while winning the hearts and minds of our development teams.

Presenters:

  • Troy Marshall - Ellucian
    How do you answer when someone asks what you do for a living? Troy Marshall’s answer—“I don't make software, I make software better”—explains his career helping organizations build and scale programs to improve the quality, security, and performance of their software and systems. Troy is currently the Director, Application Security and Reliability in the Ellucian DevOps group, where he focuses on helping development teams rapidly deliver highly secure and reliable SaaS solutions. Connect with Troy on LinkedIn and Twitter.
