DevOpsDays Chicago 2017 - Automating myself out of a job... by Jahmel Harris

Channel:
United States Confreaks
Subscribers:
42,400
Published on ● Video Link: https://www.youtube.com/watch?v=1RSIh5DCt2Y


Duration: 38:58
291 views
4

DevOpsDays Chicago 2017 - Automating myself out of a job - A pentesters guide to left shifting security testing by Jahmel Harris

The security industry works best with a waterfall approach to development and has not keep up with modern methodologies. This talk will look at tools and techniques to shift security testing left so software can be released early and often without increasing risk to the organisation.

Security is big business. Between security companies trying to sell us security-in-a-box and infosec professionals charging a fortune to tell us “we’re doing it wrong”, is it any wonder security is still an area that often deprioritised?

In this talk, we’ll look at what we should be doing to left shift security testing. By removing the fear and blame pushed by a lot of the security industry, we can start to see what can and should be automated and what really does need a security expert. We’ll look to understand that writing secure applications does not need to be costly and not all applications need to have the same level of security.

By looking at real penetration test reports, we will look at the tools and techniques we can use to detect vulnerabilities automatically and early in the development lifecycle, ultimately allowing us to release software often and quickly while still having a good understanding of our application’s risk.

The aim of this talk will be to understand why security has not kept current with modern development practices and give developers the ability to integrate security into the development pipeline.



Other Videos By Confreaks


2017-09-26DevOpsDays Chicago 2017 - Ignites- Don't be a Bystander, be an Incident Commander! by Rachael Byrne
2017-09-26DevOpsDays Chicago 2017 - Ignites- Title: Management or Technical? by Michael Stahnke
2017-09-26DevOpsDays Chicago 2017 - Ignites- Containers, Virtual Machines... by Nell Shamrell-Harrington
2017-09-26DevOpsDays Chicago 2017 - Ignites- How to DevOpsDays by Joe Nuspl
2017-09-26DevOpsDays Chicago 2017 - Delivering Continuous Security with Docker by Matthew Schlue
2017-09-26DevOpsDays Chicago 2017 - You Have A Data Lake, Now What? by Alison Stanton
2017-09-26DevOpsDays Chicago 2017 - Burnout: Community Problem & Community Solution by Jason Yee
2017-09-26DevOpsDays Chicago 2017 - Graphs: The Fabric of DevOps by Ashley Sun
2017-09-26DevOpsDays Chicago 2017 - DevOps Practices for the Database Team by Pramod Sadalage
2017-09-26DevOpsDays Chicago 2017 - Devaluing Hard Work by Katie Prizy
2017-09-26DevOpsDays Chicago 2017 - Automating myself out of a job... by Jahmel Harris
2017-09-26DevOpsDays Chicago 2017 - Serverless Architecture in Azure by Rob Richardson
2017-09-26DevOpsDays Chicago 2017 - Getting Good At System Failure Analysis by Paul Hinze
2017-09-26DevOpsDays Chicago 2017 - Diversity is Not Just a Checklist by Rhea Ghosh
2017-09-26DevOpsDays Chicago 2017 - Security, Don't Fear the DevOps by Bill Weiss
2017-09-26DevOpsDays Chicago 2017 - Hacking Human Systems by Jeff Smith
2017-09-01RustConf 2017 - Closing Keynote: Safe Systems Software and the Future of Computing by Joe Duffy
2017-09-01RustConf 2017 - Fast, Safe, Pure-Rust Elliptic Curve Cryptography
2017-09-01RustConf 2017 - Improving Rust Performance Through Profiling and Benchmarking by Steve Jenson
2017-09-01RustConf 2017 - Type System Tips for the Real World by Sean Griffin
2017-09-01RustConf 2017 - Menhir and Friends: the State of the Art of Parsing in Rust by Naomi Testard