Over the past decade, DevOps has solidified itself as the best-in-class way for engineering teams to build, deliver, and operate software. Software companies that have started in more recent years have had the fortune of being able to bake DevOps in from the beginning, and older companies know that DevOps is the future. With this proven model, however, application security has not kept up.
The current application security model is broken. While operations and QA were “shifting left,” embracing automation and dev-first tooling, application security stayed stagnant. Many application security teams today still rely on infrequent production-only scans, outdated tooling, and internal cultural processes that prevent scaling. In this talk, StackHawk Founder & CEO, Joni Klippert, will dig into her learnings from building DevOps focused VictorOps from seed stage to its acquisition by Splunk and where the future of application security is headed. Learn how engineering teams can take ownership of their AppSec, the role security teams can play in building infrastructure for secure application development, and how this all can be automated in the pipeline.