Baking Security into your workflow - Early

A more Developer focused security talk, about security and automation.

Tim Nash

January 01, 2017

More Decks by Tim Nash

See All by Tim Nash

Testing Fortifications - WordCamp Brighton

0

470

Come to the dark side, they have cookies

0

1.4k

Come to the dark side

0

70

Practical WordPress Security 2018

0

410

Practical WordPress Security

0

1.7k

0

1k

Security is Everyone responsibility

0

1.1k

Other Decks in Programming

See All in Programming

それはエンジニアリングの糧である：AI開発のためにAIのOSSを開発する現場より / It serves as fuel for engineering: insights from the field of developing open-source AI for AI development.

1

820

RailsのValidatesをSwift Macrosで再現してみた

0

150

20260313 - Grafana & Friends Taipei #1 - Kubernetes v1.36 的開發雜記：那些困在 Alpha 加護病房太久的 Metrics

0

250

Kubernetesでセルフホストが簡単なNewSQLを求めて / Seeking a NewSQL Database That's Simple to Self-Host on Kubernetes

0

190

Codex CLIのSubagentsによる並列API実装 / Parallel API Implementation with Codex CLI Subagents

2

770

最初からAWS CDKで技術検証してもいいんじゃない？

4

180

2026-03-27 #terminalnight 変数展開とコマンド展開でターミナル作業をスマートにする方法

0

270

我々はなぜ「層」を分けるのか〜「関心の分離」と「抽象化」で手に入れる変更に強いシンプルな設計〜 #phperkaigi / PHPerKaigi 2026

2

750

AI 開発合宿を通して得た学び

PRO

0

190

Redox OS でのネームスペース管理と chroot の実現

0

500

AI Assistants for YourAngular Solutions @Angular Graz, March 2026

PRO

0

140

事業会社でのセキュリティ長期インターンについて

0

210

Featured

See All Featured

コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI

61

43k

実際に使うSQLの書き方徹底解説 / pgcon21j-tutorial

PRO

199

73k

Building Flexible Design Systems

yeseniaperezcruz

330

40k

Easily Structure & Communicate Ideas using Wireframe

194

17k

Chasing Engaging Ingredients in Design

0

160

個人開発の失敗を避けるイケてる考え方 / tips for indie hackers

122

21k

The Invisible Side of Design

302

51k

DevOps and Value Stream Thinking: Enabling flow, efficiency and business value

1

160

Mobile First: as difficult as doing things right

225

10k

The untapped power of vector embeddings

2

1.7k

A brief & incomplete history of  UX Design for the World Wide Web: 1989–2019

1

340

Making Projects Easy

120

6.6k

Transcript

Baking Security  In To Your Workﬂow Tim Nash - @tnash
None
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
None
None
“I am not in the ofﬁce at the moment. Send
any work to be translated”
Education, Education, Education
Tooling
Burp Suite OWASP Zap w3af sqlmap wfuzz Arachni
Automating security
You already do tests right?
Mittn BDD-Security gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault credstash git crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what
else those solutions can be used for” Mark Nunnikhoven
Be a chaos monkey
None
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP  34SP.com