Difference between revisions of "Front Range OWASP Conference 2013/Presentations/DevOps"

From OWASP
Jump to: navigation, search
(Created page with "===DevOps and Security: It's Happening. Right Now.=== How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enha...")
 
Line 8: Line 8:
 
* Deliver a secured development framework and enforce its usage
 
* Deliver a secured development framework and enforce its usage
 
* Pinpoint precise security code flaws and provide optimal fix recommendations
 
* Pinpoint precise security code flaws and provide optimal fix recommendations
 +
 +
[[Media:Bravo.pptx | Slides]]
 +
<br>

Revision as of 12:45, 11 June 2013

DevOps and Security: It's Happening. Right Now.

How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be released? Traditional application security tools which require lengthy periods of configuration, tuning and application learning have become irrelevant in these fast-pace environments. Yet, falling back only on the secure coding practices of the developer cannot be tolerated.

Secure coding requires a new approach where security tools become part of the development environment – and eliminate any unnecessary code analysis overhead. By collaborating with development teams, understanding their needs and requirements, you can pave the way to a secure deployment in minutes. Steps include:

  • Re-evaluate existing security tools and consider their integration within a CD environment
  • Deliver a secured development framework and enforce its usage
  • Pinpoint precise security code flaws and provide optimal fix recommendations

Slides