Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Baking Security into your workflow - Early
Search
Tim Nash
January 01, 2017
Programming
0
980
Baking Security into your workflow - Early
A more Developer focused security talk, about security and automation.
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
450
Come to the dark side, they have cookies
timnashcouk
0
1.2k
Come to the dark side
timnashcouk
0
62
Practical WordPress Security 2018
timnashcouk
0
340
Practical WordPress Security
timnashcouk
0
1.6k
HTTPS and You
timnashcouk
0
1k
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
AWS IaCの注目アップデート 2024年10月版
konokenj
3
3.3k
Realtime API 入門
riofujimon
0
150
色々なIaCツールを実際に触って比較してみる
iriikeita
0
330
最新TCAキャッチアップ
0si43
0
140
エンジニアとして関わる要件と仕様(公開用)
murabayashi
0
290
Contemporary Test Cases
maaretp
0
140
Pinia Colada が実現するスマートな非同期処理
naokihaba
4
220
NSOutlineView何もわからん:( 前編 / I Don't Understand About NSOutlineView :( Pt. 1
usagimaru
0
330
Flutterを言い訳にしない!アプリの使い心地改善テクニック5選🔥
kno3a87
1
170
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
350
シェーダーで魅せるMapLibreの動的ラスタータイル
satoshi7190
1
480
Generative AI Use Cases JP (略称:GenU)奮闘記
hideg
1
290
Featured
See All Featured
Writing Fast Ruby
sferik
627
61k
Faster Mobile Websites
deanohume
305
30k
Building Adaptive Systems
keathley
38
2.3k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Facilitating Awesome Meetings
lara
50
6.1k
Thoughts on Productivity
jonyablonski
67
4.3k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
720
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Why Our Code Smells
bkeepers
PRO
334
57k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.9k
How STYLIGHT went responsive
nonsquared
95
5.2k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
Transcript
Baking Security In To Your Workflow Tim Nash - @tnash
None
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
None
None
“I am not in the office at the moment. Send
any work to be translated”
Education, Education, Education
Tooling
Burp Suite OWASP Zap w3af sqlmap wfuzz Arachni
Automating security
You already do tests right?
Mittn BDD-Security gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault credstash git crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what
else those solutions can be used for” Mark Nunnikhoven
Be a chaos monkey
None
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP 34SP.com
timnashcouk
konokenj
riofujimon
iriikeita
0si43
murabayashi
maaretp
naokihaba
usagimaru
kno3a87
tasshi
satoshi7190
hideg
sferik
deanohume
keathley
bermonpainter
lara
jonyablonski
honnibal
eileencodes
bkeepers
philnash
nonsquared
morganepeng
![YOU! [insert picture of crowd here]](https://files.speakerdeck.com/presentations/cc3485e44cb94e71b6ee991e2c0f6ab0/slide_5.jpg){kind=link}
