"We Are All Equifax: Data Behind DevSecOps" - Stefania Chaplin (@DevStefOps)
OWASP London
Slides: https://drive.google.com/file/d/1ZTnU7XYjTAcUg5MfdXsnZlryl07s9NmE/view?usp=sharing
Talk abstract:
In March 2017 hackers took three days to identify and exploit a new vulnerability in Equifax’s web applications. In the post-Equifax world, moving new business requirements (e.g., a non-vulnerable version of Struts2) into production in under three days might just be your new normal. Find out what the analysis of 17,000 applications reveals about the quality and security of software built with open source components. Join this session to better understand how DevSecOps teams are applying lessons from W. Edwards Deming (circa 1982), Malcolm Goldrath (circa 1984) and Gene Kim (circa 2013) to improve their ability to respond to new business requirements and cyber risks.
Speaker: Stefania Chaplin (@DevStefOps) is a Solutions Engineer at Sonatype. At Sonatype Stefania is responsible for helping customers understand and implement DevSecOps across the EMEA region. Stefania holds a BSc degree in Computer Science from the University of Manchester and has a backgroud as a Python/Java developer. She enjoys the challenge of improving the quality of software across different languages and ecosystems. Stefania is passionate about women in technology and is Founder and President of 'Women at Sonatype'. She has spoken about DevSecOps at many conferences and meetups across Europe including; JavaZone in Norway, JFokus in Sweden and Cloud Expo, Women of Silicon Roundabout and Women in DevOps in London.
This talk was presented at the OWASP London Chapter meetup on 22-November-2018 at Microsoft Reactor ... https://www.youtube.com/watch?v=tFd6enAvn30
663393699 Bytes