Build Systems that Drive Business
June 11–12, 2018: Training
June 12–14, 2018: Tutorials & Conference
San Jose, CA

Jumpstarting your DevSecOps pipeline with IAST and RASP (sponsored by Contrast Security)

Jeff Williams (Contrast Security)
2:10pm–2:50pm Wednesday, June 13, 2018
Location: LL20 D Level: Intermediate
Average rating: ****.
(4.60, 5 ratings)

Prerequisite knowledge

  • A basic understanding of development

What you'll learn

  • Learn how to build a fast, effective, scalable DevSecOps pipeline using IAST and RASP


DevSecOps is so much more than “automating the scan button.” It spans the entire stack and the full software lifecycle, including development and operations. Jeff Williams explains how to layer security tools on a CI/CD pipeline without disrupting it and demonstrates a fast, effective, scalable DevSecOps pipeline using free tools. You’ll use IAST (interactive application security testing) to accurately pinpoint vulnerabilities in real time without scanning and RASP (runtime application self-protection) to gain comprehensive visibility of attacks in operations and prevent exploits. The result: continuous protection without disrupting DevOps.

This session is sponsored by Contrast Security.

Photo of Jeff Williams

Jeff Williams

Contrast Security

Jeff Williams is cofounder and CTO of Contrast Security, an application security product designed for DevOps and CI/CD. He recently authored the DZone DevSecOps cheat sheet and speaks frequently on the topic. Previously, Jeff founded Aspect Security and served as the global chair of OWASP for eight years. Jeff created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects.