Level: Technical

Abstract:
How we can integrate Security tests into DevOps and Continuous Integration pipeline? In this talk we go through challenges of security automation in an enterprise and introduce tools and procedures to build up a fully automated security test in pipeline.

The talk go through the concepts first and then introduce the problem and why we need security automation after that I introduce developed tools and scripts. Parts of the talk contains:

• What SecOps
• SecOps Automation and DevOps
• Why we need Security Automation
• Where is the developers and security engineers in the process
• How to integrate Security Tests in Pipeline
• Technologies to be used
• Introducing the Scripts
• Building up the environment and demo

Bio:
Abdollah Shajadi – Working as Security Engineer in one of the pioneer finnish cloud based enterprises, I like to look at everything with a security point of view. I like to play around with malwares and break stuff!, I do rock climbing and play guitar.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Posted on Wednesday, February 21st, 2018 at 11:45 AM in talks | rss feed for comments| Both comments and pings are currently closed.