Shifting Security Left in Your Continuous Testing Pipeline
Security is often the black sheep of testing. At many organizations, while functional testing is continuous throughout the lifecycle of the application, the security “scan” only takes place before the release. Why is functional testing allotted so much more in terms of resources and attention than security testing? Glenn Buckholz can’t answer that question, but he will discuss how you can get security to be considered a first-class testing citizen in your organization. He will cover technologies that integrate cleanly into the modern CI/CD pipeline, the pros and cons of SaaS security offerings, and the cost-benefit arguments that can help you convince management to do the right thing. Come learn how to convince the powers that be to introduce security testing into the early phases of your continuous testing pipeline.
Glenn Buckholz leads DevSecOps efforts at Coveros. Using his almost twenty years of industry experience, Glenn brings success to his customers by leveraging advanced automated techniques to drive organizational change. From Chef to Docker to Kubernetes, Glenn has experience implementing technologies across the federal and commercial space to aid in the creation of high-quality and more secure software at much higher velocities. Glenn utilizes his training and coaching experience to make these changes stick, providing lasting positive change.