Continuous Security: Building Security Into Your Pipelines

In the world of continuous delivery and cloud native, the boundaries between what is our application and what constitutes infrastructure is becoming increasing blurred. Our workloads, the containers they ship in and our platform configuration are now often developed and deployed by the same teams, and development velocity is the key metric to success. This presents us with a challenge, which the previous models of security as a final external gatekeeper step cannot keep up with. To ensure our apps and platforms are secure, we need to integrate security at all stages of our pipelines as well as ensure that our developers and engineering teams have tools and data that enable them to make decisions about security on an ongoing basis. In this session, Matt Jarvis will talk through the problem space, look at the kinds of security issues we need to consider and look at where the integration points are to build in security as part of the CI/CD process.

Speakers

 

   Matt Jarvis

   Senior Developer Advocate

   Snyk