Five Keys to Building an Application Security Program in the Age of DevOps

Presented at BSidesSF 2017, Feb. 13, 2017, 11:30 a.m. (30 minutes)

Security's goal of minimizing enterprise risk sometimes seems to be at odds with development's mandate for change. In reality, there is a middle path that can allow development to deliver more secure code at DevOps speed, but it requires security to adapt to the principles that have proven successful for DevOps.


  • Tim Jarrett - Director, Enterprise Security Strategy - Veracode
    Tim Jarrett is Senior Director of Security Strategy at Veracode, responsible for leading go-to-market strategy for Veracode's automated application security risk management service. He has previously led teams at iET Solutions and Microsoft. Tim was also Principal at American Management Systems, where he acted as a development lead on a major US Department of Defense software contract. Tim has authored the Veracode State of Software Security Report and is a regular contributor of articles specializing in DevOps and secure software development. He graduated from the University of Virginia and has an MBA from the MIT Sloan School of Management.


Similar Presentations: