How To Move Mountains

Presented at ToorCon San Diego 19 (2017), Sept. 2, 2017, 1 p.m. (50 minutes)

Pentesters are tired of breaking things, writing a report, and walking away. Security teams are caught in a backlog that prevents them from ever staying ahead. Developers curse security for slowing them down. How can we address these seemingly incompatible and insurmountable issues in an organization, especially at scale? The answer may be found in a practice called “DevSecOps” that has been gaining momentum in large organizations that need to move fast and ensure a high level of security across their applications and operations. It is a practice that attempts to address all of these issues through two core principles: automation and education. Using experience gained from working with several large Fortune 500 companies, this talk will cover the basics of DevSecOps and dive into specific tools and processes that organizations of any size can implement to immediately improve their speed of delivery while maintaining a strong and measurable security baseline.


Presenters:

  • Aaron Hnatiw
    As a Senior Security Researcher at Security Compass, Aaron Hnatiw is constantly looking into the future to find ways to secure the world of tomorrow. Whether that’s through security automation, blockchain technology, or machine learning/artificial intelligence, he’s always working on the leading edge of information security. He has worked in most aspects of the information technology field, holding previous positions as a security consultant, system administrator, software developer, and college professor in application security. In his spare time, Aaron enjoys writing security tools and contributing to the open source community.
