Building Security into DevOps Without Breaking It

Logo
Presented by

Steven Zimmerman, Product Marketing - Developer Solutions

About this talk

As development technologies become more fast-paced, modular, and automated, the tools and practices used to secure the software that passes through these pipelines must evolve. While many application security testing (AST) tools can be integrated into pipelines, teams often struggle with complexity, performance, and noisy results. Injecting security into DevOps without sacrificing efficiency requires a concerted approach focusing on: - Integration and automation that minimizes impediments, running necessary tests at appropriate times - Remediation of prioritized risks aligned to business needs - AppSec-enabled developers equipped with what they need to secure code as they write it - Modular AST that can be employed based on the software being tested
Related topics:

More from this channel

Upcoming talks (13)
On-demand talks (95)
Subscribers (62751)
Black Duck® offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. As of October 1, 2024 the Synopsys Software Integrity Group is now Black Duck®