This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Front Range OWASP Conference 2013/Presentations/DevOps"
Jess Garrett (talk | contribs) |
Jess Garrett (talk | contribs) |
||
| Line 10: | Line 10: | ||
[[Media:Bravo.pptx | Slides]] | [[Media:Bravo.pptx | Slides]] | ||
| + | [https://vimeo.com/68335259 Video] | ||
<br> | <br> | ||
Latest revision as of 15:51, 17 June 2013
DevOps and Security: It's Happening. Right Now.
How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be released? Traditional application security tools which require lengthy periods of configuration, tuning and application learning have become irrelevant in these fast-pace environments. Yet, falling back only on the secure coding practices of the developer cannot be tolerated.
Secure coding requires a new approach where security tools become part of the development environment – and eliminate any unnecessary code analysis overhead. By collaborating with development teams, understanding their needs and requirements, you can pave the way to a secure deployment in minutes. Steps include:
- Re-evaluate existing security tools and consider their integration within a CD environment
- Deliver a secured development framework and enforce its usage
- Pinpoint precise security code flaws and provide optimal fix recommendations
