AWS re:Inforce 2019: Integrating AppSec into Your DevSecOps on AWS (DEM14)
DevSecOps is driving the use of security testing throughout the application lifecycle, from initial development to production monitoring. Application security (AppSec) testing is unlike other forms of security in that it directly impacts the daily routines of developers. David Wayland, former developer and current Director of Enterprise Application Security for a Fortune 500 financial institution, discusses securing CI/CD pipelines from his unique development and security team perspective. He reveals best practices gained from his nearly 10 years of running AppSec programs – including one currently migrating to the cloud – that can be used to drive your own DevSecOps success.
– John Maski, Veracode