More talks in the program:
10:00 - 10:50
Are you tired of slow, inaccurate, and painful static and dynamic scanners? Of security vendors putting DevOps lipstick on their legacy tools? In this talk, we will create a continuous, effective, and scalable DevSecOps pipeline using free security tools that leverage the power of instrumentation – like AppD for security. We’ll show you how to get started with IAST (Interactive Application Security Testing) to instantly and accurately pinpoint vulnerabilities in your applications and APIs while you code and test. We’ll also set up OSS (Open Source Security) to analyze your libraries for vulnerabilities without scanning. Then we’ll show you how to enable RASP (Runtime Application Self-Protection) to gain full application security visibility and protection in production. Finally, we’ll show you how to integrate all this telemetry into tools your teams already use (like Eclipse, IDEA, Slack, GitHub, JIRA, Jenkins, Splunk) using powerful plugins and comprehensive APIs.