Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, October 13 • 9:45am - 9:55am
Lightning Talk - Application Security in a DevOps World: Three Methods for Shifting Left

Sign up or log in to save this to your schedule and see who's attending!

Application Security in a DevOps World: Three Methods for Shifting Left 
Operations has always resided clearly outside of development. Release candidates are tossed over the fence by development and operations was expected to “just make it work.” The same can be said about many other activities, including application security. This isn’t intended to be derision aimed at development—it’s just a feature of how processes have historically been demarcated. 
But with the emergence of the DevOps movement, organizations are beginning to apply the “shift-left” principle associated with early testing toward other facets of application development. Security, which has been treated as something you can test into an application, should be built into an application according to DevOps principles. 
In this presentation, we discuss how to get development and operations working together to build security into the application. We’ll outline three methods and discuss their merits and drawbacks:
• Penetration testing: This is the approach most commonly used.
• Hybrid testing: By applying flow (dynamic analysis) early in the process, you can that look for possible paths through the code that lead to security flaws.
• Preventative testing: By taking a standards-based approach and implementing a set of activities that target defects that lead to security vulnerabilities, you are able to get ahead of security issues that diminish the effectiveness of DevOps approaches.

Speakers
avatar for Aaron Lindsay

Aaron Lindsay

Aaron Lindsay been helping Parasoft’s clients harden code, develop functional testing solutions, and virtualize their environments for almost 4 years. He has worked on projects all across America and South America, incorporating service virtualization into verticals that range from banking and healthcare to defense organizations. | | Aaron also worked with R&D team under Dr. Ciera Jaspan to identify collaboration constrains in Java... Read More →


Thursday October 13, 2016 9:45am - 9:55am
Room C

Attendees (51)