Baking Security into your workflow - Early
Tim Nash
January 01, 2017
A more developer-focused security talk about security and automation.
Transcript
Baking Security In To Your Workflow Tim Nash - @tnash
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
“I am not in the office at the moment. Send any work to be translated”
Education, Education, Education
Tooling
Burp Suite, OWASP ZAP, w3af, sqlmap, wfuzz, Arachni
Automating security
You already do tests right?
Mittn, BDD-Security, gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault, credstash, git-crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what else those solutions can be used for” Mark Nunnikhoven
Be a chaos monkey
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP 34SP.com