Integrating Security into Continuous Delivery
Details
The Internet is full of insecure applications that cost organizations money andtime, while damaging their reputations when their systems are compromised.We need to build secure applications as never before, but most developersare not now—and never will be—security specialists. By building ApplicationSecurity tools into your Continuous Delivery process you can streamline theprocess of finding application security vulnerabilities which is the first step inmaking your application more secure. Learn the common ways organizationuse application security tools as part of the CD build pipelines, includinga discussion of the tradeoffs between open source tools and commercialapplication security tools. We will also discuss what to do after you gatherthe data and how to security audit data back into an iterative developmentprocess.
About the Speaker
Thomas Stiehm has been developing applications and managing softwaredevelopment teams for eighteen years. As CTO of Coveros, he is responsiblefor the oversight of all technical projects and integrating application securitypractices into software development projects. Most recently, Thomas has beenfocusing on how to incorporate security best practices into agile developmentand how to achieve a balance between business risk and cost while mitigatingsecurity vulnerabilities. Previously, as a managing architect at Digital Focus,Thomas was involved in agile development and found that agile is the onlydevelopment methodology that makes the business reality of constant changecentral to the development process.