Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Baking Security into your workflow - Early

Tim Nash
January 01, 2017
Programming
0
970

Baking Security into your workflow - Early

A more Developer focused security talk, about security and automation.

Tim Nash

January 01, 2017
Tweet

More Decks by Tim Nash

See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
430
Come to the dark side, they have cookies
timnashcouk
0
1k
Come to the dark side
timnashcouk
0
58
Practical WordPress Security 2018
timnashcouk
0
290
Practical WordPress Security
timnashcouk
0
1.6k
HTTPS and You
timnashcouk
0
980
Security is Everyone responsibility
timnashcouk
0
1k

Other Decks in Programming

See All in Programming
From Spring Boot 2 to Spring Boot 3 with Java 22 and Jakarta EE
ivargrimstad
0
900
CircleCIを活用して AWSへの継続的デリバリーを 実践する
coconala_engineer
1
230
pixivアプリでマルチモジュールを実現するまで
gatosyocora
1
130
ADRを一年運用してみた/adr_after_a_year
hanhan1978
7
2.2k
Doctrine ORMでValue Objectを扱う方法4選 #phpstudy / 4 ways to handle Value Objects with Doctrine ORM
77web
4
110
ログラスを支える設計標準について / loglass-design-standards
urmot
10
2.1k
Micro Frontends for Java Microservices - Devnexus 2024
mraible
PRO
0
420
データアナリストが行うDatabricksを活用したETLの自動化事例
shinoa
0
250
Tailwind CSSを本気でカスタマイズする方法
fsubal
2
250
二郎系ラーメンのコールで学ぶ AST 解析
memory1994
PRO
7
1.7k
Site Reliability Engineering for GMO
pyama86
6
940
DMMプラットフォームがTiDB Cloudを採用した背景
pospome
8
3.6k

Featured

See All Featured
Making Projects Easy
brettharned
108
5.5k
Building Better People: How to give real-time feedback that sticks.
wjessup
354
18k
The Mythical Team-Month
searls
215
42k
A designer walks into a library…
pauljervisheath
199
23k
Fantastic passwords and where to find them - at NoRuKo
philnash
36
2.5k
Docker and Python
trallard
33
2.7k
Mobile First: as difficult as doing things right
swwweet
216
8.6k
Design by the Numbers
sachag
274
18k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
6
990
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
VelocityConf: Rendering Performance Case Studies
addyosmani
320
23k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k

Transcript

  1. Baking Security
 In To Your Workflow Tim Nash - @tnash

  2. None

  3. What is security?

  4. Governance Security

  5. Who is responsible?

  6. YOU! [insert picture of crowd here]

  7. What’s in scope?

  8. Production

  9. Staging?

  10. Staging? Development?

  11. Global workplace?

  12. None
  13. None

  14. “I am not in the office at the moment. Send

    any work to be translated”

  15. Education, Education, Education

  16. Tooling

  17. Burp Suite OWASP Zap w3af sqlmap wfuzz Arachni

  18. Automating security

  19. You already do tests right?

  20. Mittn BDD-Security gauntlt

  21. Or use your existing tools

  22. Keeping Secrets Safe

  23. Vault credstash git crypt

  24. Logging and Audit trails

  25. Serverless Infrastructure

  26. Containers & Orchestration

  27. “Developers focus on solving a problem, security looks at what

    else those solutions can be used for” Mark Nunnikhoven

  28. Be a chaos monkey

  29. None

  30. Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach

    Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia

  31. WordPress Hosting Experts

  32. Tim Nash @tnash timnash.co.uk @34SP
 34SP.com