This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Thursday, October 22 • 10:00am - 11:00am
Doing AppSec at Scale: DevOps + Agile + CI/CD == AppSec Pipelines

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

How many applications are in your company’s portfolio? What’s the headcount for your AppSec team? Whatever your situation is, I am sure the numbers are not in your favor. Its not time to find a new career, it's time to up your game. This talk will cover how to take your small merry band of AppSec professionals and scale it up to a virtual army. By taking the best of DevOps, Agile and CI/CD, you can iteratively up your AppSec game over time and begin your ascent out of the security hole you are in.

The talk covers real world experiences running AppSec groups at two different companies. Rackspace with approximately 4,000+ employees and Pearson with 40,000+. Both have an international presence and far more apps and developers that AppSec staff. The talk covers the key principles to speed and scale up AppSec programs as well as practical examples of these practices put into use. Example results? How about under a minute to provision recurring static scanning of an application? How about 24/7 remediation advice available to any developer - even while you sleep. Report generation - in minutes. Automation, Orchestration, ChatOps, its all in our AppSec Pipeline. Start early and begin to buy down the technical security dept which feels inevitable using traditional AppSec program thinking.

Watch the talk here

avatar for Matt Tesauro

Matt Tesauro

Senior AppSec Engineer, Duo Security
Matt Tesauro is currently a Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security.  Prior, he worked full-time for the OWASP Foundation, adding automation and awesome to OWASP projects as the Operations Director. Previously, he was... Read More →

Thursday October 22, 2015 10:00am - 11:00am CDT
Cypress Room Norris Conference Center, Austin
  Rugged DevOps Track
  • Host Organization

Attendees (0)