May 2016: Testing Security as part of CD
Phil Parker - Continuous Security
A 'back-to-front' talk exploring how security can be improved in a continuous delivery environment. Touching on policy, management, threat modelling & assessment, process and tools and, most importantly of all, mindset.
Phil is a Partner with Equal Experts and has an unhealthy obsession with Identity Management and Web Application Security. @parker0phil (https://twitter.com/parker0phil)
Ian T Price - Security testing in CD with ZAP
ZED Attack Proxy in a CI/CD framework: the CI/CD pipeline is now a familiar process for most DevOps people but it is rarely extended to include security (aka DevSecOps). This presentation looks at the ever increasing need for comprehensive security, when it should be applied and one prominent tool to assist in automated security auditing: ZED Attack Proxy.