Integrating CI/CD with Risk Remediation for Comprehensive Application Security

Presented by

Yaniv Bar-Dayan, Vulcan Cyber CEO and co-founder

About this talk

Applications are driving the rapidly transforming digital economy. However, a combination of increased release cycles and application development speed, and an ever-more sophisticated threat landscape riddled with un-remediated, known vulnerabilities is increasing the size of the enterprise attack surface. Comprehensive cyber hygiene requires the coordination of remediation efforts across diverse environments including application development, cloud, traditional infrastructure and endpoints.

The importance of security cannot be overstated, nor can the difficulty of maintaining application security specifically. A security-minded approach to continuous integration and continuous delivery has proven itself extremely useful in securing the software development lifecycle and related software supply chain, both internal and external.

This session will outline the steps needed to integrate application security and DevSecOps practices with an overarching vulnerability remediation orchestration initiative. It will feature real-world examples using prescriptive workflows that measure and drive holistic enterprise security.

This session will also cover:

- Orchestration best practices, including how to automate application updates and security testing.
- Dev infrastructure security considerations including patch management.
- Integration of remediation efforts across diverse environments.
- Post-test testing.
- Update and validate container image security.
- Kubernetes maintenance.

Vulcan Cyber is the world's first continuous vulnerability remediation platform. Entirely focused on remediation, not just vulnerability management, we help enterprise security and IT teams collaborate to get fix done by orchestrating and automating the full remediation lifecycle. Vulcan reduces business exposure to vulnerability dwell from months to hours by providing actionable prioritization, the right remedy for the task, and automation of the entire workflow.