Upgrade your DevOps to SecDevOps at RootedCon

 | Continuum Blog, SecDevOps

Join our CTO Paul Santapau at RootedCon in Madrid, where he’ll be presenting a talk on implementing security in DevOps cultures.

Paul Santapau

Integrating security into agile development methodologies poses unique challenges to both the security and development teams. These are particularly striking in continuous delivery (CD) processes where the rate of code deploys and automated testing cycles are too rapid for manual techniques. DevOps practices have added another twist to the story by increasing communication and collaboration between different teams (Dev, Ops and Security) and reducing the time between code change to deployment in a live environment even more.

The aim of this talk is to demonstrate how we can embed security practices into modern DevOps software development environments. In order to do so, we’ll introduce concepts such as Agile Threat Modeling, Security Touch Points related to different phases of the SDLC and automating both security vulnerability testing and the verification of security controls using our open source BDD-Security testing framework.

Did you like this article?

  • Adam Shostack joins Continuum Security’s board
    Adam Shostack joins Continuum Security’s boardWe at Continuum Security are absolutely delighted to announce that Adam Shostack has joined our Advisory Board. Adam brings with him considerable experience and wealth of knowledge that dovetails perfectly with Continuum Security’s mission to bring security into the software design & development process through threat modeling. Whilst at Microsoft, Adam was the lead designer […]READ MORE
  • Building GDPR compliant software with IriusRisk
    Building GDPR compliant software with IriusRiskThe EU General Data Protection Regulation (GDPR) comes into effect on the 4th May 2018 and has wide ranging implications for any company anywhere that processes the personal data of EU citizens.  A lot has been written about how GDPR applies at the organisation level, and what general controls should be in place to comply with […]READ MORE
  • Schedule a meeting with us at RSA to discuss #EasyThreatModeling
    Schedule a meeting with us at RSA to discuss #EasyThreatModelingThe Continuum Security team will be at RSA in San Francisco to answer all your threat modeling and DevSecOps questions.  Threat Modeling is often seen as a complex activity that can only be performed by skilled security analysts who have to invest significant time and energy into producing a useful threat model and its corresponding […]READ MORE