DevSecOps is so much more than “automating the scan button.” It spans the entire stack and the full software lifecycle, including development and operations. Jeff Williams explains how to layer security tools on a CI/CD pipeline without disrupting it and demonstrates a fast, effective, scalable DevSecOps pipeline using free tools. You’ll use IAST (interactive application security testing) to accurately pinpoint vulnerabilities in real time without scanning and RASP (runtime application self-protection) to gain comprehensive visibility of attacks in operations and prevent exploits. The result: continuous protection without disrupting DevOps.
This session is sponsored by Contrast Security.
Jeff Williams is cofounder and CTO of Contrast Security, an application security product designed for DevOps and CI/CD. He recently authored the DZone DevSecOps cheat sheet and speaks frequently on the topic. Previously, Jeff founded Aspect Security and served as the global chair of OWASP for eight years. Jeff created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects.
©2018, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org