Automating AppSec Pipelines with Docker and Serverless
In application security, the size of the security team is always the most scarce resource. The best way to optimize the security team is automation.
This presentation will provide an overview of key application security automation principles and practices creating an Application Security Pipeline augmented with automation.
With the rise of docker and serverless patterns, there is a whole new suite of tools available to the pipeline builder. We show you how to get started automating application security tooling and reporting using these new patterns.
Watch the Webinar!
About the presenters
Aaron Weaver is the Application Security Manager at Cengage Learning. Prior to that he was at Protiviti where he built out their secure coding practice. Aaron has managed application security programs at large organizations and leads OWASP Philadelphia. Aaron speaks frequently at OWASP, AppSec USA/EU, Infragard, ISSA, ISACA, IIA and Velocity. When he has time Aaron likes to make sawdust in his workshop.
Matt Tesauro is currently working full-time for the OWASP Foundation, adding automation and awesome to OWASP projects. Previously, he was a founder and CTO of Infinitiv, a Senior Software Security Engineer at Pearson and the Senior Product Security Engineer at Rackspace. He is also an Adjunct Professor for the University of Texas Computer Science department teaching the next generation of CS students about Application Security. Matt is broadly experienced information security professional of 15 years specializing in application and cloud security. He is a former board member of the OWASP Foundation and project lead for OWASP AppSec Pipeline & WTE projects. He holds two degrees from Texas A&M University and several security and Linux certifications.