Building an effective application security pipeline is the necessary
step for each company to establish a meticulous appsec program. Create
secure software is more than run a penetration test or a code review,
just before the deploy and having some automatism can help you in have
a low error rate process.
In this talk we will go through the pipeline building process,
explaining how to automate some boring tasks dedicating ourself to
having fun, playing tricks like pros. At the end of our journey both
tech people than security managers, will have the feeling that using
the pipeline approach, they can lower vulnerabilities, with an
affordable time to market so to make the bosses happy.