Application Security is hard when security is separated from your DevOps flow. Security has traditionally been the final hurdle in the development life cycle. Iterative development workflows can make security a release bottleneck. Your team doesn't have enough people to test all of your code, and hiring more analysts won't automatically reduce the friction between your app sec and engineering teams. Only testing major releases, or limiting tests to certain apps, leaves weak spots hackers can exploit. You need a way to balance risk and business agility. Instead of waiting for security at the end of the development process, you can include it with your DevOps workflow. You need DevSecOps process.
Benefits of DevSecOps?
Every piece of code is tested upon commit for security threats, without incremental cost!
The developer can remediate now, while they are still working in that code, or create an issue with one click!
The dashboard for the security pro is a roll-up of vulnerabilities remaining that the developer did not resolve on their own!
Vulnerabilities can be efficiently captured as a by-product of software development!
A single tool also reduces cost over the approach to buy, integrate and maintain point solutions throughout the DevOps pipeline!
Please join GitLab's own Seth Berger, Engineering Manager (Secure), for a conversation around how to effortlessly shift security left.
Seth is an Engineering Manager at GitLab where he focuses on delivering tools to help DevSecOps engineers build and deploy more secure software. Seth is passionate about bringing secure development tools to every engineer regardless of their product's maturity or company size. He has been involved in several startups and large enterprises and he deeply appreciates the constraints that development teams face everyday.
Food, Drinks and SWAG will be provided! I hope to see you there!
Venue hosted by 8th Light.