Artwork

Content provided by Confreaks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Confreaks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

DevOpsDays Chicago 2017 - Automating myself out of a job... by Jahmel Harris

38:58
 
Share
 

Archived series ("HTTP Redirect" status)

When? This feed was archived on October 25, 2017 00:33 (7y ago). Last successful fetch was on October 21, 2017 07:04 (7y ago)

Why? HTTP Redirect status. The feed permanently redirected to another series.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 189933175 series 97406
Content provided by Confreaks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Confreaks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
DevOpsDays Chicago 2017 - Automating myself out of a job - A pentesters guide to left shifting security testing by Jahmel Harris The security industry works best with a waterfall approach to development and has not keep up with modern methodologies. This talk will look at tools and techniques to shift security testing left so software can be released early and often without increasing risk to the organisation. Security is big business. Between security companies trying to sell us security-in-a-box and infosec professionals charging a fortune to tell us “we’re doing it wrong”, is it any wonder security is still an area that often deprioritised? In this talk, we’ll look at what we should be doing to left shift security testing. By removing the fear and blame pushed by a lot of the security industry, we can start to see what can and should be automated and what really does need a security expert. We’ll look to understand that writing secure applications does not need to be costly and not all applications need to have the same level of security. By looking at real penetration test reports, we will look at the tools and techniques we can use to detect vulnerabilities automatically and early in the development lifecycle, ultimately allowing us to release software often and quickly while still having a good understanding of our application’s risk. The aim of this talk will be to understand why security has not kept current with modern development practices and give developers the ability to integrate security into the development pipeline.
  continue reading

57 episodes

Artwork
iconShare
 

Archived series ("HTTP Redirect" status)

When? This feed was archived on October 25, 2017 00:33 (7y ago). Last successful fetch was on October 21, 2017 07:04 (7y ago)

Why? HTTP Redirect status. The feed permanently redirected to another series.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 189933175 series 97406
Content provided by Confreaks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Confreaks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
DevOpsDays Chicago 2017 - Automating myself out of a job - A pentesters guide to left shifting security testing by Jahmel Harris The security industry works best with a waterfall approach to development and has not keep up with modern methodologies. This talk will look at tools and techniques to shift security testing left so software can be released early and often without increasing risk to the organisation. Security is big business. Between security companies trying to sell us security-in-a-box and infosec professionals charging a fortune to tell us “we’re doing it wrong”, is it any wonder security is still an area that often deprioritised? In this talk, we’ll look at what we should be doing to left shift security testing. By removing the fear and blame pushed by a lot of the security industry, we can start to see what can and should be automated and what really does need a security expert. We’ll look to understand that writing secure applications does not need to be costly and not all applications need to have the same level of security. By looking at real penetration test reports, we will look at the tools and techniques we can use to detect vulnerabilities automatically and early in the development lifecycle, ultimately allowing us to release software often and quickly while still having a good understanding of our application’s risk. The aim of this talk will be to understand why security has not kept current with modern development practices and give developers the ability to integrate security into the development pipeline.
  continue reading

57 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide