Overview
Syllabus
Intro
Interpretive dance
Zane's background
DevOps
Spoiler
What has changed
The real shift
Legacy approaches
Technical diagram
FDL primitives
Common primitives
What do we need to adapt
Static Analysis
Legacy Static Analysis
BottomUp Static Analysis
TopUp Static Analysis
Red Flags
Proactive alerting
Dynamic scanning
Scanning as a method of discovering vulnerabilities
Challenges
Security Policies
Security Visibility
Breaking Down Silos
HTTP 500 Errors
Bringing Data Together
Vintage Meme
Annual Pen Tests
Pen Tests and Bug bounties
Conclusion
Attack Driven
Modern Feedback Visibility
Continuous Testing
Happy Note
Security Reports
Taught by
OWASP Foundation