Most of us think of code security in terms of how the code behaves—runtime vulnerabilities like XSS and SQL injection—but as a category, those represent only about half the risk in our code.
The other half of the risk is the sensitive information in our code, the details of all the systems our code connects to, and the passwords and keys to get in.
Modern DevOps tools eliminate these risks with dynamic discovery and secure secret stores. And for many, this is an issue of code quality. But how do we measure that and make it actionable?
Join us to learn how developers are taking ownership of code quality and the practical solutions engineering leaders are using to normalize secure code quality for their teams—and enable deeper conversations about secure design patterns along the way!
Key takeaways will include:
- Hear from experts how developers and security teams can focus on code security to mitigate risks early in the development cycle.
- Discover how for the first time, consolidating both internal code-related risks with external dependency risks can deliver a more complete risk posture.
- Learn about a new category of tools that foster collaboration between development teams and AppSec teams to respond to security issues without disrupting developer workflows.
Our speaker this week will be Casey Bisson.
Casey is a product and DevRel leader at Docker. Casey has over 15 years of experience as an engineering and product leader in consumer and B2B SaaS and IaaS. This includes his work in hyper-scale public cloud infrastructure, where he helped drive a DevOps revolution for container infrastructure and continuous delivery. Casey has worked with open-source communities throughout his career and demonstrated continued focus on making tools and systems usable. Casey’s background in building tools and services that developers love and trust is well-aligned with our mission to democratize the tools and processes they need to secure their development workflows.