Name: An SDLC for the DevSecOps Era
Start: 2017-01-25T14:00:00-0800
End: 2017-01-25T14:50:00-0800

Back To Schedule

An SDLC for the DevSecOps Era

The standard approaches for web application security over the last decade and beyond has focused heavily on slow gatekeeping controls like static analysis and dynamic scanning. However, these controls was originally designed in a world of Waterfall development and their heavy weight nature often cause more problems than they solve in today’s world of agile, DevOps, and CI/CD.

This talk will share practical lessons learned on the most effective application security techniques in todays increasingly rapid world of application creation and delivery. Specifically, it will cover how to:

1) Adapt traditionally heavyweight controls like static analysis and dynamic scanning to lightweight efforts that work in modern development and deployment practices

2) Obtain visibility to enable, rather than hinder, development and DevOps teams ability to iterate quickly

3) Measure maturity of your organizations security efforts in a non-theoretical way

Speakers

Zane Lackey

Chief Security Officer, Signal Sciences

Zane Lackey is the Co-Founder / Chief Security Officer at Signal Sciences and the Author of Building a Modern Security Program (O’Reilly Media). He serves on multiple public and private advisory boards and is an investor in emerging cybersecurity companies. Prior to co-founding... Read More →

Zane Lackey AppSecCali17 pdf

Wednesday January 25, 2017 2:00pm - 2:50pm PST
Sand and Sea Room

Sand and Sea Room

Register Now! https://2017.appseccalifornia.org/#register

AppSec California 2017

Zane Lackey

Attendees (22)

AppSec California 2017

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Zane Lackey

Attendees (22)