Opening Keynote: Lessons learned defending web applications in the age of DevOps/Cloud

Zane-Lackey
23 Feb 2018
9:30 - 10:20
Keynote | Merchant Court Ballroom

Opening Keynote: Lessons learned defending web applications in the age of DevOps/Cloud

The standard approach for web application security over the last decade and beyond has focused heavily on slow gatekeeping controls like static analysis and dynamic scanning. However, these controls were originally designed in a world of Waterfall development and their heavy weight nature often cause more problems than they solve in today’s world of agile, DevOps, and CI/CD.

This talk will share practical lessons learned at Etsy on the most effective application security techniques in todays increasingly rapid world of application creation and delivery.

Specifically, it will cover how to:

  • Adapt traditionally heavyweight controls like static analysis and dynamic scanning to lightweight efforts that work in modern development and deployment practices
  • Obtain visibility to enable, rather than hinder, development and DevOps teams ability to iterate quickly
  • Measure maturity of your organizations security efforts in a non-theoretical way

This website uses cookies to ensure you get the best experience on our website More info

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Got it!" below then you are consenting to this.

Close