Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Baking Security into your workflow - Early
Search
Tim Nash
January 01, 2017
Programming
0
980
Baking Security into your workflow - Early
A more Developer focused security talk, about security and automation.
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.3k
Come to the dark side
timnashcouk
0
66
Practical WordPress Security 2018
timnashcouk
0
390
Practical WordPress Security
timnashcouk
0
1.7k
HTTPS and You
timnashcouk
0
1k
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
意外と簡単!?フロントエンドでパスキー認証を実現する WebAuthn
teamlab
PRO
2
760
Processing Gem ベースの、2D レトロゲームエンジンの開発
tokujiros
2
130
そのAPI、誰のため? Androidライブラリ設計における利用者目線の実践テクニック
mkeeda
2
310
Swift Updates - Learn Languages 2025
koher
2
480
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
390
AIを活用し、今後に備えるための技術知識 / Basic Knowledge to Utilize AI
kishida
22
5.8k
為你自己學 Python - 冷知識篇
eddie
1
350
時間軸から考えるTerraformを使う理由と留意点
fufuhu
16
4.8k
Oracle Database Technology Night 92 Database Connection control FAN-AC
oracle4engineer
PRO
1
450
請來的 AI Agent 同事們在寫程式時,怎麼用 pytest 去除各種幻想與盲點
keitheis
0
120
ぬるぬる動かせ! Riveでアニメーション実装🐾
kno3a87
1
220
250830 IaCの選定~AWS SAMのLambdaをECSに乗り換えたときの備忘録~
east_takumi
0
390
Featured
See All Featured
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.6k
Embracing the Ebb and Flow
colly
87
4.8k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
188
55k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.9k
Rebuilding a faster, lazier Slack
samanthasiow
83
9.2k
The World Runs on Bad Software
bkeepers
PRO
70
11k
Scaling GitHub
holman
463
140k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
36
2.5k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
840
Code Reviewing Like a Champion
maltzj
525
40k
Why Our Code Smells
bkeepers
PRO
339
57k
Transcript
Baking Security In To Your Workflow Tim Nash - @tnash
None
What is security?
Governance Security
Who is responsible?
YOU! [insert picture of crowd here]
What’s in scope?
Production
Staging?
Staging? Development?
Global workplace?
None
None
“I am not in the office at the moment. Send
any work to be translated”
Education, Education, Education
Tooling
Burp Suite OWASP Zap w3af sqlmap wfuzz Arachni
Automating security
You already do tests right?
Mittn BDD-Security gauntlt
Or use your existing tools
Keeping Secrets Safe
Vault credstash git crypt
Logging and Audit trails
Serverless Infrastructure
Containers & Orchestration
“Developers focus on solving a problem, security looks at what
else those solutions can be used for” Mark Nunnikhoven
Be a chaos monkey
None
Photo credits: Siobhan Hancock Daniel Foster David Goehring Jim Lukach
Rich Savage Stephen Bowler Found Art Photography Martin Kriebernegg Alvaro Carou Jumilia
WordPress Hosting Experts
Tim Nash @tnash timnash.co.uk @34SP 34SP.com
timnashcouk
teamlab
tokujiros
mkeeda
koher
ivargrimstad
kishida
eddie
fufuhu
oracle4engineer
keitheis
kno3a87
east_takumi
garrettdimon
colly
soudai
eileencodes
danielanewman
samanthasiow
bkeepers
holman
addyosmani
maltzj
![YOU! [insert picture of crowd here]](https://files.speakerdeck.com/presentations/cc3485e44cb94e71b6ee991e2c0f6ab0/slide_5.jpg){kind=link}
