Saturday 30th September 15:00 - 15:50

Security is often the after thought, something you do when the tests are passing, or worse handled by that other team. It's often complex and time consuming to test and fix all the issues that come from such audits. The reality is security can and should be at the heart of development, not something done at the end of the project but as an integral part of everyones workflow. This talk looks at how security practices can be introduced to Dev and Op workflows, how automation is key component in such integrations. Using both tools from InfoSec toolbox and tooling that already exists within already existing dev workflows to implement security testing at the application and code level. Security is everyones responsibility and should never be an after thought or someone else issue, nor should it prevent an efficient workflow.