This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Front Range OWASP Conference 2013/Sessions/Sess4 Tech1
DevOps and Security: It's Happening. Right Now.
How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be released? Traditional application security tools which require lengthy periods of configuration, tuning and application learning have become irrelevant in these fast-pace environments. Yet, falling back only on the secure coding practices of the developer cannot be tolerated.
Secure coding requires a new approach where security tools become part of the development environment – and eliminate any unnecessary code analysis overhead. By collaborating with development teams, understanding their needs and requirements, you can pave the way to a secure deployment in minutes. Steps include:
- Re-evaluate existing security tools and consider their integration within a CD environment
- Deliver a secured development framework and enforce its usage
- Pinpoint precise security code flaws and provide optimal fix recommendations
Helen Bravo
Helen Bravo is the Product Manager at Checkmarx. Helen has more than fifteen years of experience in software development, IT security and source-code analysis.
Prior to working at Checkmarx, Helen has worked in Comverse one of the biggest Israeli Hi-tech firms as a software engineer and product manager for security matters. Helen holds a B.A. in Economics and Business Administration from the Israeli University of Haifa and started her development career at the age of 11. |