Shifting Left: DevSecOps as an Approach to Building Secure Products

A presentation at DDD Adelaide in in Adelaide SA, Australia by Jakob Pennington

In order to build secure products, we need to begin security testing from the very beginning of the development lifecycle, and test continuously throughout the product’s lifespan. Relying only on security testing just prior to a software release increases the likelihood of costly, systemic security flaws, and relies too heavily on the skill of a given penetration tester or code reviewer to find all vulnerabilities in a product before it is released into production.

In this talk, Jakob speaks about how you can leverage DevOps tooling and processes to integrate security testing into your pipeline to apply multiple layers of checks and balances to each line of code from commit to production.