Inserting Code Analysis into CI w/o Slowing Builds Down
20 Nov 2019, 13:25 - 13:45
Innovation Stage
- Language: English
This session will demonstrate how static application security testing (SAST) can be inserted into CI tools to analyze each build without slowing down release velocity. The approach described is comprehensive, analyzing custom code, open source libraries, SDKs and APIs, and fast, scanning 1,000,000 lines of code in under 15 minutes.
Learning Outcomes:
- Secure every version of every release
- Insert security into DevOps pipelines
- Shift AppSec further left
- Bring security and development teams closer together
- Fix vulnerabilities faster and more efficiently
Contributors
Speaker
Director of Engineering
ShiftLeft
Mr. McDonald has 20+ years of cybersecurity and application development experience. In 1997, as a security architect, he worked closely with...