*AST In CI/CD – How to Make it WORK!

Ofer Maor - Security Expert, Synopsys (DevSecCon Boston Speaker)
12 Sep 2017
10:25 - 11:15
Ballroom

*AST In CI/CD – How to Make it WORK!

SAST, IAST, DAST, MAST, *AST – There are plenty of technologies and ways to test your software, but how do we do that without slowing us down in a rapid development environment. In this talk we will give practical advice on how to integrate software security testing into your CI/CD and your development process so it works. The talk will review the pros and cons of each of the testing technologies, and how to adapt it to rapid development, and how to manage the balance between risk and speed to build a proper signoff process, so that real threats will become blockers, but other issues will be handled in a parallel slower cycle, without slowing down the main delivery.