Inserting Code Analysis into CI w/o Slowing Builds Down

  • Date 20 Nov 2019 - Wednesday

Inserting Code Analysis into CI w/o Slowing Builds Down

20 Nov 2019, 13:25 - 13:45

Innovation Stage
Language:
English

This session will cover a demonstration of static application security testing (SAST) can be inserted into CI tools to analysis each build w/o out slowing down release velocity. The approach described is comprehensive, analyzing custom code, open source libraries, SDKs and APIs, and fast scanning 1,000,000 lines of code in under 15 minutes.

Learning Outcomes:

  • Secure every versions of every release
  • Insert security into DevOps pipelines
  • Shift AppSec further left
  • Bring security and development teams closer together
  • Fix vulnerabilities faster and more efficiently

 

Contributors

  • John McDonald

    Speaker

    Director of Engineering

    ShiftLeft

    Mr. McDonald has 20+ years of cybersecurity and application development experience. In 1997, as a security architect, he worked closely with...

Sponsors

ShiftLeft

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.