Loading…

The Open Web Application Security Project (OWASP) Los Angeles Chapter is teaming up with the Orange County, San Diego, SF Bay Area, and the Inland Empire chapters to bring you the FIFTH Annual AppSec California. The event is a one of a kind experience for information security professionals, developers, and QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

One and Two-day training sessions on various subjects by expert trainers kick off the conference on January 28th. World renown speakers follow on days three and four.

There will be four concurrent tracks throughout the day on both January 30 and 31, addressing a variety of topics to enhance knowledge.

Tuesday, January 30 • 10:45am - 11:35am
DevOps Is Automation, DevSecOps Is People

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Abstract
A lot of appsec boils down to DevOps ideals like feedback loops, automation, and flexibility to respond to situations quickly. DevOps has the principles to support security, it should have to knowledge and tools to apply it. Real-world appsec deals with constraints like time, budget, and resources. Navigating these trade-offs requires building skills in collaboration and informed decision-making. On the technology side, we have containers, top 10 lists, and tools. Whether we are focused on more efficient meetings or trying to driving change across an organization, we need equal attention on techniques that make the social aspects of security successful. We build automation with apps. We build relationships with people. This presentation explores methods for establishing incentives, encouraging participation, providing constructive feedback, and reaching goals as a team. It shows different ways to use metrics and communication to drive positive behaviors. These are important skills not only for managing teams, but for influencing appsec among peers and growing a career.Security is an integral part of DevOps. And, yes, it's made of people.

Speakers
avatar for Mike Shema

Mike Shema

VP of SecOps and Research, Cobalt.io
Mike Shema is VP of SecOps and Research at Cobalt.io. Mike's experience with information security includes managing product security teams, building web application scanners, and consulting across a range of infosec topics. He's put this experience into books like Anti-Hacker Tool... Read More →


Tuesday January 30, 2018 10:45am - 11:35am
Club Room