Bringing Hacker-Powered Security Testing to DevOps SDLC

Presented by

Andy Condliffe, Solution Architect EMEA, Synack

About this talk

DevOps allows organizations to bring web, mobile, and IoT applications to life faster than traditional SDLC models. However, continuous releases and updates introduce new risks by the way of exploitable vulnerabilities that are introduced and left undetected and unresolved/unpatched in the production stream. Traditional point-in-time penetration tests can’t keep up with the frequency and short deployment cycles of the modern DevOps organization. Traditional pen tests are usually conducted through checklist-based activities that lack the comprehensiveness to mimic and defend against sophisticated cyber attacks. The result? An increase in serious, exploitable vulnerabilities in live applications and a slew of high-profile breaches.. Leading enterprise organizations are utilizing a crowdsourced security testing platform that combines continuous vulnerability scanning tools with manual, crowdsourced human security testing. This model of offensive and adversarial-based testing delivers realistic attack traffic on customers’ applications, resulting in effective vulnerability discovery and management and “smart” security intelligence without compromising security and control. Scalable and controlled crowdsourced testing at a continuous cadence is the answer for secure DevOps SDLC. Join this session by Andy Condliffe of Synack EMEA as he shares how Synack can help lower the risks of dynamic deployments with a continuous, human, offensive security testing model that’s better suited for the modern DevOps organization

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (53)
Subscribers (6856)
Synack is a security company revolutionizing how enterprises view cybersecurity: through a hacker’s eyes. Synack’s private, managed hacker-powered security solution arms clients with hundreds of the world's most skilled, highly vetted ethical hackers who provide a truly adversarial perspective to clients’ IT environments.