Submit Search
Upload
Laura Bell (SafeStack)
•
0 likes
•
511 views
AgileNZ Conference
Follow
'Continuous Security - Securing Agile Development Environments'
Read less
Read more
Business
Report
Share
Report
Share
1 of 48
Recommended
DevSecCon Singapore 2018 - Pushing left like a boss by Tanya Janca
DevSecCon Singapore 2018 - Pushing left like a boss by Tanya Janca
DevSecCon
DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...
DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...
DevSecCon
Winning open source vulnerabilities without loosing your deveopers - Azure De...
Winning open source vulnerabilities without loosing your deveopers - Azure De...
WhiteSource
Improve Security through Continuous Testing
Improve Security through Continuous Testing
TechWell
First steps in testing analytics: Does test code quality matter?
First steps in testing analytics: Does test code quality matter?
Andy Zaidman
Amy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOps
SeniorStoryteller
Software Analytics: The Dark Side and the Test Side
Software Analytics: The Dark Side and the Test Side
Andy Zaidman
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
FINOS
Recommended
DevSecCon Singapore 2018 - Pushing left like a boss by Tanya Janca
DevSecCon Singapore 2018 - Pushing left like a boss by Tanya Janca
DevSecCon
DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...
DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...
DevSecCon
Winning open source vulnerabilities without loosing your deveopers - Azure De...
Winning open source vulnerabilities without loosing your deveopers - Azure De...
WhiteSource
Improve Security through Continuous Testing
Improve Security through Continuous Testing
TechWell
First steps in testing analytics: Does test code quality matter?
First steps in testing analytics: Does test code quality matter?
Andy Zaidman
Amy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOps
SeniorStoryteller
Software Analytics: The Dark Side and the Test Side
Software Analytics: The Dark Side and the Test Side
Andy Zaidman
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
FINOS
GDS-Austin - DevSecOps & Security Chaos Engineering
GDS-Austin - DevSecOps & Security Chaos Engineering
Aaron Rinehart
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal Tool
University of Hawai‘i at Mānoa
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
DevSecCon
Ensuring Security through Continuous Testing
Ensuring Security through Continuous Testing
TechWell
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security Solutions
SeniorStoryteller
How To Move Mountains - ToorCon 2017
How To Move Mountains - ToorCon 2017
Aaron Hnatiw
Just4Meeting 2012 - How to protect your web applications
Just4Meeting 2012 - How to protect your web applications
Magno Logan
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Aaron Rinehart
Measuring the Actual Security that Vendors Provide to Customers
Measuring the Actual Security that Vendors Provide to Customers
Anthony Arrott
Sigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software Security
Vlad Styran
Exploratory testing
Exploratory testing
Sandeep Kumar Sahu
Introduction to software engineering
Introduction to software engineering
สาโรจน์ แสงผ่องอำไพ
Information Security Incidents Survey in Russia
Information Security Incidents Survey in Russia
Positive Hack Days
Texto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de ingles
Meztli Valeriano Orozco
Machine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and Clustering
Ashwini Almad
Thinking in software testing
Thinking in software testing
สาโรจน์ แสงผ่องอำไพ
Including security in devops
Including security in devops
Jérémy Matos
Entaggle: an Agile Software Development Case Study
Entaggle: an Agile Software Development Case Study
Elisabeth Hendrickson
Let's review it: What designers can learn from (code) review
Let's review it: What designers can learn from (code) review
Ida Aalen
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
Adrian Sanabria
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
Laura Bell
Owasp tds
Owasp tds
snyff
More Related Content
What's hot
GDS-Austin - DevSecOps & Security Chaos Engineering
GDS-Austin - DevSecOps & Security Chaos Engineering
Aaron Rinehart
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal Tool
University of Hawai‘i at Mānoa
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
DevSecCon
Ensuring Security through Continuous Testing
Ensuring Security through Continuous Testing
TechWell
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security Solutions
SeniorStoryteller
How To Move Mountains - ToorCon 2017
How To Move Mountains - ToorCon 2017
Aaron Hnatiw
Just4Meeting 2012 - How to protect your web applications
Just4Meeting 2012 - How to protect your web applications
Magno Logan
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Aaron Rinehart
Measuring the Actual Security that Vendors Provide to Customers
Measuring the Actual Security that Vendors Provide to Customers
Anthony Arrott
Sigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software Security
Vlad Styran
Exploratory testing
Exploratory testing
Sandeep Kumar Sahu
Introduction to software engineering
Introduction to software engineering
สาโรจน์ แสงผ่องอำไพ
Information Security Incidents Survey in Russia
Information Security Incidents Survey in Russia
Positive Hack Days
Texto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de ingles
Meztli Valeriano Orozco
Machine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and Clustering
Ashwini Almad
Thinking in software testing
Thinking in software testing
สาโรจน์ แสงผ่องอำไพ
Including security in devops
Including security in devops
Jérémy Matos
Entaggle: an Agile Software Development Case Study
Entaggle: an Agile Software Development Case Study
Elisabeth Hendrickson
Let's review it: What designers can learn from (code) review
Let's review it: What designers can learn from (code) review
Ida Aalen
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
Adrian Sanabria
What's hot
(20)
GDS-Austin - DevSecOps & Security Chaos Engineering
GDS-Austin - DevSecOps & Security Chaos Engineering
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal Tool
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
Ensuring Security through Continuous Testing
Ensuring Security through Continuous Testing
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security Solutions
How To Move Mountains - ToorCon 2017
How To Move Mountains - ToorCon 2017
Just4Meeting 2012 - How to protect your web applications
Just4Meeting 2012 - How to protect your web applications
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Nexus User Conference DevOps "Table Stakes": The minimum required to play the...
Measuring the Actual Security that Vendors Provide to Customers
Measuring the Actual Security that Vendors Provide to Customers
Sigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software Security
Exploratory testing
Exploratory testing
Introduction to software engineering
Introduction to software engineering
Information Security Incidents Survey in Russia
Information Security Incidents Survey in Russia
Texto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de ingles
Machine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and Clustering
Thinking in software testing
Thinking in software testing
Including security in devops
Including security in devops
Entaggle: an Agile Software Development Case Study
Entaggle: an Agile Software Development Case Study
Let's review it: What designers can learn from (code) review
Let's review it: What designers can learn from (code) review
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
Similar to Laura Bell (SafeStack)
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
Laura Bell
Owasp tds
Owasp tds
snyff
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
Amazon Web Services
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
SeniorStoryteller
SCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOps
Stefan Streichsbier
Testing and DevOps Culture: Lessons Learned
Testing and DevOps Culture: Lessons Learned
LB Denker
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
James Wickett
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
James Wickett
AllTheTalks Security Chaos Engineering
AllTheTalks Security Chaos Engineering
Aaron Rinehart
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
Mohammed A. Imran
DevOps - Boldly Go for Distro
DevOps - Boldly Go for Distro
Paul Boos
Dev{sec}ops
Dev{sec}ops
Steven Carlson
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
Dr. Anish Cheriyan (PhD)
Software Testing Tools Training
Software Testing Tools Training
QEdge Tech
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
James Wickett
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Tools
centralohioissa
Product Security
Product Security
Steven Carlson
DevSecOps 101
DevSecOps 101
Narudom Roongsiriwong, CISSP
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
OWASP AppSec Global 2019 Security & Chaos Engineering
OWASP AppSec Global 2019 Security & Chaos Engineering
Aaron Rinehart
Similar to Laura Bell (SafeStack)
(20)
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
Owasp tds
Owasp tds
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
SCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOps
Testing and DevOps Culture: Lessons Learned
Testing and DevOps Culture: Lessons Learned
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
AllTheTalks Security Chaos Engineering
AllTheTalks Security Chaos Engineering
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
DevOps - Boldly Go for Distro
DevOps - Boldly Go for Distro
Dev{sec}ops
Dev{sec}ops
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
Software Testing Tools Training
Software Testing Tools Training
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Tools
Product Security
Product Security
DevSecOps 101
DevSecOps 101
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
OWASP AppSec Global 2019 Security & Chaos Engineering
OWASP AppSec Global 2019 Security & Chaos Engineering
More from AgileNZ Conference
Automated Agility?! Let's Talk Truly Agile Testing - Adam Howard - AgileNZ 2017
Automated Agility?! Let's Talk Truly Agile Testing - Adam Howard - AgileNZ 2017
AgileNZ Conference
The Foundations of Business Agility - Shane Hastie - AgileNZ 2017
The Foundations of Business Agility - Shane Hastie - AgileNZ 2017
AgileNZ Conference
Breaking Through the Transformation Pain Barrier - Julie Lindenberg & David M...
Breaking Through the Transformation Pain Barrier - Julie Lindenberg & David M...
AgileNZ Conference
Improv-e Your Innovation - Jakob Jurkiewicz - AgileNZ 2017
Improv-e Your Innovation - Jakob Jurkiewicz - AgileNZ 2017
AgileNZ Conference
Chocolate, Cider & Product Ownership - Penny Goodwin & Chetan Parbhu - AgileN...
Chocolate, Cider & Product Ownership - Penny Goodwin & Chetan Parbhu - AgileN...
AgileNZ Conference
The Art of Dual-track Delivery - Ant Boobier - AgileNZ 2017
The Art of Dual-track Delivery - Ant Boobier - AgileNZ 2017
AgileNZ Conference
Becoming Agile: Agile Transitions in Practice - Rashina Hoda - AgileNZ 2017
Becoming Agile: Agile Transitions in Practice - Rashina Hoda - AgileNZ 2017
AgileNZ Conference
Scrumdiddlyumptious & the Killjoys - Mia Horrigan - AgileNZ 2017
Scrumdiddlyumptious & the Killjoys - Mia Horrigan - AgileNZ 2017
AgileNZ Conference
Build for Speed - Gareth Evans - AgileNZ 2017
Build for Speed - Gareth Evans - AgileNZ 2017
AgileNZ Conference
Inclusive Collaboration – How Our Differences Can Make the Difference - Aaron...
Inclusive Collaboration – How Our Differences Can Make the Difference - Aaron...
AgileNZ Conference
Born to Learn - Aurelien Beraud - AgileNZ 2017
Born to Learn - Aurelien Beraud - AgileNZ 2017
AgileNZ Conference
Making the Invisible Visible: Showing WIP & Flow at Portfolio Level in Waterf...
Making the Invisible Visible: Showing WIP & Flow at Portfolio Level in Waterf...
AgileNZ Conference
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
AgileNZ Conference
Shaking Leads to a Shake Up - Russel Garlick - AgileNZ 2017
Shaking Leads to a Shake Up - Russel Garlick - AgileNZ 2017
AgileNZ Conference
Making Agile Leadership Work: A Journey From Coach to Manager - Martin Cronj...
Making Agile Leadership Work: A Journey From Coach to Manager - Martin Cronj...
AgileNZ Conference
Agile-ish – How to Build a Culture of Agility - Lynne Cazaly - AgileNZ 2017
Agile-ish – How to Build a Culture of Agility - Lynne Cazaly - AgileNZ 2017
AgileNZ Conference
Modern Agile – What's It Good For? - Jacob Creech - AgileNZ 2017
Modern Agile – What's It Good For? - Jacob Creech - AgileNZ 2017
AgileNZ Conference
Business Agility: Leadership, Teams & the Work - Jude Horrill - AgileNZ 2017
Business Agility: Leadership, Teams & the Work - Jude Horrill - AgileNZ 2017
AgileNZ Conference
Connecting the Dots: Agile, DevOps, Lean IT - Mike Orzen - AgileNZ 2017
Connecting the Dots: Agile, DevOps, Lean IT - Mike Orzen - AgileNZ 2017
AgileNZ Conference
Being Agile vs Agile Doing - Luke Hohmann - AgileNZ 2017
Being Agile vs Agile Doing - Luke Hohmann - AgileNZ 2017
AgileNZ Conference
More from AgileNZ Conference
(20)
Automated Agility?! Let's Talk Truly Agile Testing - Adam Howard - AgileNZ 2017
Automated Agility?! Let's Talk Truly Agile Testing - Adam Howard - AgileNZ 2017
The Foundations of Business Agility - Shane Hastie - AgileNZ 2017
The Foundations of Business Agility - Shane Hastie - AgileNZ 2017
Breaking Through the Transformation Pain Barrier - Julie Lindenberg & David M...
Breaking Through the Transformation Pain Barrier - Julie Lindenberg & David M...
Improv-e Your Innovation - Jakob Jurkiewicz - AgileNZ 2017
Improv-e Your Innovation - Jakob Jurkiewicz - AgileNZ 2017
Chocolate, Cider & Product Ownership - Penny Goodwin & Chetan Parbhu - AgileN...
Chocolate, Cider & Product Ownership - Penny Goodwin & Chetan Parbhu - AgileN...
The Art of Dual-track Delivery - Ant Boobier - AgileNZ 2017
The Art of Dual-track Delivery - Ant Boobier - AgileNZ 2017
Becoming Agile: Agile Transitions in Practice - Rashina Hoda - AgileNZ 2017
Becoming Agile: Agile Transitions in Practice - Rashina Hoda - AgileNZ 2017
Scrumdiddlyumptious & the Killjoys - Mia Horrigan - AgileNZ 2017
Scrumdiddlyumptious & the Killjoys - Mia Horrigan - AgileNZ 2017
Build for Speed - Gareth Evans - AgileNZ 2017
Build for Speed - Gareth Evans - AgileNZ 2017
Inclusive Collaboration – How Our Differences Can Make the Difference - Aaron...
Inclusive Collaboration – How Our Differences Can Make the Difference - Aaron...
Born to Learn - Aurelien Beraud - AgileNZ 2017
Born to Learn - Aurelien Beraud - AgileNZ 2017
Making the Invisible Visible: Showing WIP & Flow at Portfolio Level in Waterf...
Making the Invisible Visible: Showing WIP & Flow at Portfolio Level in Waterf...
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
Shaking Leads to a Shake Up - Russel Garlick - AgileNZ 2017
Shaking Leads to a Shake Up - Russel Garlick - AgileNZ 2017
Making Agile Leadership Work: A Journey From Coach to Manager - Martin Cronj...
Making Agile Leadership Work: A Journey From Coach to Manager - Martin Cronj...
Agile-ish – How to Build a Culture of Agility - Lynne Cazaly - AgileNZ 2017
Agile-ish – How to Build a Culture of Agility - Lynne Cazaly - AgileNZ 2017
Modern Agile – What's It Good For? - Jacob Creech - AgileNZ 2017
Modern Agile – What's It Good For? - Jacob Creech - AgileNZ 2017
Business Agility: Leadership, Teams & the Work - Jude Horrill - AgileNZ 2017
Business Agility: Leadership, Teams & the Work - Jude Horrill - AgileNZ 2017
Connecting the Dots: Agile, DevOps, Lean IT - Mike Orzen - AgileNZ 2017
Connecting the Dots: Agile, DevOps, Lean IT - Mike Orzen - AgileNZ 2017
Being Agile vs Agile Doing - Luke Hohmann - AgileNZ 2017
Being Agile vs Agile Doing - Luke Hohmann - AgileNZ 2017
Recently uploaded
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
Aaiza Hassan
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
Forklift Trucks in Minnesota
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
Andy Lambert
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
anilsa9823
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
Roland Driesen
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
Roland Driesen
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
IlamathiKannappan
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
Any kyc Account
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
anilsa9823
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
Online Income Engine
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
seri bangash
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
noida100girls
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
NZSG
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
Holger Mueller
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Tina Ji
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
Call Girls in Delhi
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
Neil Kimberley
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
Suhani Kapoor
Recently uploaded
(20)
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
Laura Bell (SafeStack)
1.
Continuous Security Laura Bell SafeStack
2.
Con$nuous Security Laura Bell F
O U N D E R & L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o
3.
once upon a
$me*… * Some'me in the last week for some of you
4.
and the whole
world went to hell
5.
common misconcep$ons
6.
it’s not my
job (that’s why we have a security team)
7.
it’s impossible so
why try
8.
we’ve always done
this… nobody’s hacked us yet
9.
we’re too li@le
to fail (at security)
10.
agility increases risk
11.
what is con$nuous
security?
12.
design code
stuff idea test deploy
13.
design code
stuff idea test deploy Ini'al Risk Assessment Design Review Code and Implementa'on Review Penetra'on Tes'ng
14.
15.
con$nuous
16.
principles of con$nuous
security
17.
automated autonomous integrated
repeatable scalable
18.
automated “the best technical
people I know work really hard to make themselves redundant”
19.
Deployment Provisioning Tes$ng Sta$c analysis Vulnerability mgmt
20.
autonomous “no boMlenecks, breakdowns
or ripples”
21.
22.
Skills Authority Accountability every team
23.
integrated “bite-‐sized security that
works with every step of your lifecycle”
24.
25.
Woven in to
keep you going Respected enough to stop you
26.
repeatable “security fails when
it’s a special event”
27.
Every story Every sprint Every
developer Every $me
28.
Standard Security Stories h@p://www.safecode.org
29.
scalable “more than just
a single team experiment”
30.
Business as usual Managed Measured Controlled Universal Special Proof
of concept Blue sky Experiment Innova$on
31.
Case Study
32.
Fast growing 110
developers Compliance environment New code Legacy code Mul$ple languages
33.
Requirements Standard Security Stories Architecture
Inclusion Reusable requirements
34.
Code review IDE based
free tools Peer Review Security guild
35.
Tes$ng Automated ZAP tes$ng Selenium Standard
security tests
36.
Deployment Vulnerability checks Infrastructure as
code On demand deployments
37.
Collabora$on Security guild Chat ops Hack
events
38.
Good stuff
speed of change skill level increase increased awareness priority of legacy use of security resource
39.
Lessons learned security
guilds tool cost tool quality approaches training at scale
40.
achieving con$nuous security
41.
choose tools wisely
integra$ons with workflows, API, speed
42.
easy to digest
resources keep your examples, templates and reusable stuff as close to your developers as possible
43.
educate everyone skills
are the number one bo@leneck
44.
give testers some
love test environments, clean test data and tools
45.
no special treatment
legacy code needs security too
46.
dev == test
== prod remove the differences to remove deployment complexity
47.
Ques$ons? Laura Bell F O
U N D E R & L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o
48.
@lady_nerd Laura Bell SafeStack Thanks for
listening…