Sponsored by:
About this webinar:
Developers are now often owning the security and compliance requirements of their creations, carrying out AST in-editor, rather than passing their code through the security team towards the end of the process. DevOps culture and practices help your organisation rapidly build, reliably operate, and continuously improve your software solutions. However, there's a strong argument for integrating security at every stage too, via DevSecOps, to maintain velocity without compromising security.
With the ‘secure by design’ mantra becoming the norm over the past few years, in the face of ever more frequent and sophisticated cyber security attacks, application security testing (AST) is having to integrate further into the development process.
Developers are now often owning the security and compliance requirements of their creations, carrying out AST in-editor, rather than passing their code through the security team towards the end of the process. DevOps culture and practices help your organisation rapidly build, reliably operate, and continuously improve your software solutions. However, there's a strong argument for integrating security at every stage too, via DevSecOps, to maintain velocity without compromising security.
This webinar will explore organisations’ strategic goals for AST, and to what extend they are integrating it into their DevOps environment and building a holistic AppSec program. It will then drill down into specific needs and challenges, such as: automation, quick setup, ease of use, accuracy, integration, remediation guidance and scalability – exploring how these priorities might affect the success of a DevSecOps approach.As many organisations strive towards greater integration and observability across their cloud, connectivity, cyber security and productivity technology infrastructure – should AST and DevOps be interwoven too?
Presenters
Panel:
John Leonard is Group Research Director for the Enterprise Technology Group at Incisive Media. He has designed and conducted research studies and analyses covering many of the aspects of business technology that are driving the way we live and work today.
Andrew is an enterprise technology writer, editor, publisher, strategist and consultant; illuminating digital transformation in the connected world and educating businesses on the opportunities and challenges presented by cloud and edge computing, the Internet of Things, automation, AI, and Big Data. He is a former Editor and Publisher of Internet of Business and now oversees Incisive Works’ enterprise technology thought-leadership content creation, including multimedia digital experiences, whitepapers, webinars, videos, and podcasts
Jonathan Knudsen is a Technology Evangelist at Synopsys. Drawing upon his experience as a developer, author, and teacher, he likes to explore the big picture and the gritty details of software security. He is the author of seven books on topics such as cryptography, graphics, robotics, and mobile development. In addition, he has written more than one hundred articles about software security, fuzz testing, and software development. Jonathan also teaches a class about security in software development for Duke University.
Stuart is a security consultant working with the John Lewis Partnership, helping them to effectively embed security within Continuous Delivery. He has over 20 years experience in software engineering, architecture and security, and has worked with a variety of public and private sector organisations across a range of industries. He is the Security Practice Lead at Equal Experts, a global consultancy specialising in agile software delivery.