Agile + DevOps East 2019 DevSecOps Summit Session - Taking DevSecOps To The Next Level - Cutting Edge Tools for your Pipeline | TechWell

Conference archive


Friday, November 8, 2019 - 12:45pm to 1:30pm

Taking DevSecOps To The Next Level - Cutting Edge Tools for your Pipeline

Add to calendar

DevSecOps is so much more than forcing developers to use legacy scanning tools. In this talk, we will discuss a continuous, effective, and scalable DevSecOps pipeline using free cutting-edge tools. We'll discuss and show IAST (Interactive Application Security Testing) to accurately pinpoint vulnerabilities in both custom code and libraries in real time without scanning. We'll discuss and show RASP (Runtime Application Self-Protection) in production to gain visbility into application attaches and to prevent vulnerabilities from being exploited. And we'll discuss how to integrate the results into tools your teams already use (IDE, Chat, CI/CD, bugtrackers, SIEM, etc.). Pros and cons of IAST and RASP will be discussed as well. Take home valuable information on how to leverage cutting edge tools for your pipeline and add them to your DevSecOps pipeline immediately.

Jeff Williams
Contrast Security

Jeff Williams brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. He recently authored the DZone DevSecOps, IAST, and RASP refcards and speaks frequently at conferences including JavaOne (Java Rockstar), BlackHat, QCon, RSA, OWASP, Velocity, and PivotalOne. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 9 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown. Reach out to Jeff on LinkedIn.