Turning Security into Code
Security is so frustrating. Why can’t they just tell us what they need in advance instead of pointing out our mistakes after the fact. Why can’t security work the same way as quality, performance, etc… In this talk, Jeff will show you how to take control of security by turning it into code. He’ll provide real examples of how you can instrument your software for instant feedback on vulnerabilities during development and attacks in production — no scanning, no PDFs. He’ll also show how you can receive security alerts through the software toolchain you’re already using, just like any other kind of quality or performance issue. With continuous application security, you’ll fix issues early, before they get expensive. You’ll also be able to push code into production faster, without waiting for the security bottleneck. Security can be interesting and fun — let’s stop wrecking it!