DevSecOps pipeline to improve productivity

Security needs to be part of the software development workflow. This new shift is critical for finding issues up front rather than waiting until the end of the development cycle to pen test applications. DevSecOps is on the rise, enabling organizations to implement security best practices.

In this talk, we will explore Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST). It is critical to check code dependencies to find out about any zero-day attacks. Threat modeling is essential to identify vulnerable connections. Secure coding practices need to be part of the CI/CD development pipeline.

Key takeaways for this talk for testers, developers and architects are as follows:
> Best practices for DevSecOps
> Developer productivity in real-time
> Identifying vulnerabilities before code is released to QA
> Protecting legacy applications
> Tools for automating security testing


About Rohit Bhardwaj

Rohit Bhardwaj is a Director of Architecture working at Salesforce. Rohit has extensive experience architecting multi-tenant cloud-native solutions in Resilient Microservices Service-Oriented architectures using AWS Stack. In addition, Rohit has a proven ability in designing solutions and executing and delivering transformational programs that reduce costs and increase efficiencies.

As a trusted advisor, leader, and collaborator, Rohit applies problem resolution, analytical, and operational skills to all initiatives and develops strategic requirements and solution analysis through all stages of the project life cycle and product readiness to execution.
Rohit excels in designing scalable cloud microservice architectures with Spring Boot and Netflix OSS technologies on AWS and Google clouds. As a Security Ninja, Rohit looks for ways to resolve application security vulnerabilities using ethical hacking and threat modeling. Rohit is excited about architecting cloud technologies using Docker, Redis, NGINX, RightScale, RabbitMQ, Apigee, Azul Zing, Actuate BIRT reporting, Chef, Splunk, Rest-Assured, SoapUI, Dynatrace, and EnterpriseDB. In addition, Rohit has developed lambda architecture solutions using Apache Spark, Cassandra, and Camel for real-time analytics and integration projects.

Rohit holds an MBA in Corporate Entrepreneurship from Babson College and a Masters in Computer Science from Boston University and Harvard University. Rohit is a regular speaker at No Fluff Just Stuff, UberConf, RichWeb, GIDS, and other international conferences.

Rohit loves to connect at http://www.productivecloudinnovation.com, on LinkedIn at http://linkedin.com/in/rohit-bhardwaj-cloud, or on Twitter at rbhardwaj1.
