AWS User Group: Scaling Security using Automation Pipelines – crossover with OWASP
Are you looking for frictionless security testing in your build pipeline that scales across your organization?
This talk provides the framework and tooling to build a DevSecOps pipeline. Do you have infrastructure as code? Can you find security misconfigurations before those changes are applied to your cloud infrastructure?
Continuous security testing is achieved using the AppSec Pipeline tool which has been used in organizations to do real security work. Beyond a stand alone tool, the OWASP AppSec Pipeline provides numerous docker containers ready to automate, runs natively in Jenkins and a specification to customize to fit your requirements.
If you want to start your DevSecOps journey by continuously testing then this talk will provide you with a practical implementation that you can utilize at your organization.
Aaron Weaver manages the Application Security Program for a large credit card processor. He is currently building out continuous security automation using the Application Security Pipeline to scale security. Prior to that Aaron worked for two large EdTech companies Cengage and Pearson Education building out Application Security Programs.
Additionally Aaron trains companies on secure code, threat modeling and cloud security. When he’s not busy he enjoys making sawdust in his workshop.
6:00- 6:15 | Introduction and settle-in
6:15 – 7:15 | Scaling Security using Automation Pipelines
7:15 – 7:30 | Open Forum – Bring your questions, successes, and stories!
7:30 – 8:30 | Cocktails and Mingling (Phil’s Tavern, 931 Butler Pike, Blue Bell, PA 19422)