Baking Security into your workflow - Early
Tim Nash
January 01, 2017
A more Developer focused security talk, about security and automation.
Transcript
Baking Security In To Your Workflow Tim Nash - @tnash
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
“I am not in the office at the moment. Send any work to be translated”
Education, Education, Education
Tooling
Burp Suite, OWASP ZAP, w3af, sqlmap, wfuzz, Arachni
Automating security
You already do tests right?
Mittn, BDD-Security, gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault, credstash, git-crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what else those solutions can be used for” - Mark Nunnikhoven
Be a chaos monkey
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP 34SP.com