This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Front Range OWASP Conference 2013/Sessions/Sess5 Tech1

Jump to: navigation, search

Real World Cloud Application Security

This presentation will provide the audience with a case study of how real world organizations using the public cloud are approaching application security. Netflix, one of the largest AWS and public cloud users in the world, will serve as the subject of the case study.

The discussion will cover a variety of topics of interest to application security personnel, including:

  • Automating and integrating security into CI/CD environments
  • Large scale vulnerability management
  • Continuous security testing and monitoring, including Netflix's Security Monkey and Exploit Monkey frameworks
  • Cultural integration of security in DevOps/agile organizations

Slides Video

Jason Chan

Jason Chan is an Engineering Director at Netflix, currently working on the security of Netflix's cloud deployment. His areas of responsibility include application, infrastructure, and operational security for the Netflix streaming video service. Prior to joining Netflix, he led the information security team at VMware and spent most of his earlier career in security consulting for firms such as @stake and iSEC Partners.
Jason Chan