Explore a conference talk that challenges traditional approaches to application security. Delve into the epistemological issues in software development and learn why rapid iterations are crucial. Examine how the world has changed since Agile and understand DevOps as an application of Agile methodology to system administration. Discover why separation of duties can be harmful and how to reduce code latency while increasing velocity. Learn about integrating rugged testing into the pipeline, incorporating security testing in continuous integration systems, and adding application security telemetry for developers and operations teams. Gain insights on effecting change in the complex landscape of app security through innovative approaches and better methodologies.
How to Effect Change in the Epistemological Wasteland of App Security
Overview
Syllabus
Introduction
How to effect change in the Epistemological Wasteland of Application Security
SUMMARY
EPISTEMOLOGICAL PROBLEM OF SOFTWARE DEVELOPMENT
TLDR; RAPID ITERATIONS WIN
THE WORLD HAS CHANGED SINCE AGILE
DEVOPS IS THE APPLICATION OF AGILE METHODOLOGY TO SYSTEM ADMINISTRATION -THE PRACTICE OF CLOUD SYSTEM ADMINISTRATION BOOK
AGILE INFRASTRUCTURE
SEPARATION OF DUTIES CONSIDERED HARMFUL
REDUCE CODE LATENCY INCREASE CODE VELOCITY
INTEGRATED RUGGED TESTING SHOULD SIT INSIDE THE PIPELINE
PUT SECURITY TESTING IN YOUR CONTINUOUS INTEGRATION SYSTEM
ADD APPLICATION SECURITY TELEMETRY TO DEVS AND OPS
Taught by
GOTO Conferences
