Baking Security into your workflow - Early
Tim Nash
January 01, 2017
A more developer-focused security talk about security and automation.
Transcript
Baking Security In To Your Workflow Tim Nash - @tnash
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
“I am not in the office at the moment. Send any work to be translated”
Education, Education, Education
Tooling
Burp Suite, OWASP ZAP, w3af, sqlmap, wfuzz, Arachni
Automating security
You already do tests right?
Mittn, BDD-Security, gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault, credstash, git-crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what else those solutions can be used for” (Mark Nunnikhoven)
Be a chaos monkey
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP 34SP.com