Kevin Fealey of Aspect Security will present on automating application security tools to free up security professionals for more important tasks. He will discuss how integrating both open source and commercial security tools into the software development lifecycle as automated "sensors" can provide continuous visibility and real-time intelligence. By automating simple security checks, teams can focus on real security challenges rather than low-hanging fruit. Examples and lessons learned will be shared. The presentation aims to bridge the gap between how development has adopted DevOps practices while security still relies on outdated paradigms.
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Automating Your Tools: How to Free Up Your Security Professionals for Actual Security Tasks
1. Aspect Security | 9175 Guilford Road, Suite 300 | Columbia, MD 21046 | www.aspectsecurity.com
Automating Your Tools
How to Free Up Your Security Professionals for Actual Security Tasks
Techno Security
06/02/2015
20. Application security that just works
CENTRALIZE SENSOR OUTPUT
20
Application ServerWeb Server Database Server SecurityTools
‘ or 1=1; --
Access Control
Violation! Heartbleed
detected!
Invalid HTTP Request
Data
Central Repository
Source: US Dept. of Commerce, National Institute of Standards & Technology (NIST). "Planning Report 02-3: The Economic Impacts of Inadequate Infrastructure for Software Testing." Technology Program Office, Strategic Planning & Economic Analysis Group. May, 2002. www.nist.gov/director/prog-ofc/report02-3.pdf