Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
•
•
•
•
•
SOFTWARE DEVELOPMENT IS LIKE A MMORPG...
IT NEVER ENDS!
THEN ALL
BECAME
AGILE!
AGILE
•
•
•
•
•
•
•
•
•
•
Plan Code Build Test Release Deploy
Operate &
Monitor
Why not here?Better yet, why no
here?
Why not plan security from...
AUTOMATION IS KEY TO SSL APROACH
TOOLS
• Open source continuous integration server
• Each integration is verified and tested over
automated builds
• Detects inte...
• Zed Attack Proxy by Simon Bennetts
• Ideal for beginners but also used by professionals
• Can find security vulnerabilit...
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
• HTTPS://PT.SLIDESHARE.NET/DINISCRUZ/OWASP-BRAZIL-MAKING-SECURITY-INVISIBLE-BY-
BECOMING-THE-DEVELOPERS-BEST-FRIEND...
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan
Upcoming SlideShare
Loading in …5
×

DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan

833 views

Published on

DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan

Published in: Software
  • Be the first to comment

DevSecOps - Integrating Security in the Development Process (with memes) - Magno Logan

  1. 1. • • • • •
  2. 2. SOFTWARE DEVELOPMENT IS LIKE A MMORPG... IT NEVER ENDS!
  3. 3. THEN ALL BECAME AGILE!
  4. 4. AGILE
  5. 5. • • • • • • • •
  6. 6. • • Plan Code Build Test Release Deploy Operate & Monitor Why not here?Better yet, why no here? Why not plan security from the beginning?! “We test for vulns here” SSL Approach – Shifting Security Left
  7. 7. AUTOMATION IS KEY TO SSL APROACH
  8. 8. TOOLS
  9. 9. • Open source continuous integration server • Each integration is verified and tested over automated builds • Detects integration errors as fast as possible • Has many security plugins available!
  10. 10. • Zed Attack Proxy by Simon Bennetts • Ideal for beginners but also used by professionals • Can find security vulnerabilities in web applications automatically (good for devs) • Also enables manual security testing (pentests) • Some features include: Proxy, Scanner, Spider, Brute Force and Fuzzing
  11. 11. • • • • • •
  12. 12. • • • • • •
  13. 13. • • • • •
  14. 14. • • • • • • •
  15. 15. • • • • HTTPS://PT.SLIDESHARE.NET/DINISCRUZ/OWASP-BRAZIL-MAKING-SECURITY-INVISIBLE-BY- BECOMING-THE-DEVELOPERS-BEST-FRIENDS-V2 • HTTPS://WWW.YOUTUBE.COM/WATCH?V=X9NOUTCNTAC • HTTP://WWW.DEVSECOPS.ORG/BLOG/2016/5/20/-SECURITY • HTTPS://CDN2.HUBSPOT.NET/HUBFS/1958393/WHITE_PAPERS/DEVSECOPS_HOW_TO_SEAMLE SSLY__315283.PDF?T=1482418124868 • HTTPS://WWW.SANS.ORG/READING-ROOM/WHITEPAPERS/ANALYST/DEVSECOPS-PLAYBOOK- 36792

×