Tim is the platform lead at 34SP.com for their Managed WordPress product in addition to being the company's developer advocate. One day he will work out what either of those job titles means. Until he does he spends his day in a mix of dev, security, ops and project management as well as speaking at user groups and conferences. He also helps run WordPress Leeds and writes for several publications including his own site timnash.co.uk.
Saturday 30th September 15:00 - 15:50
Security is often the after thought, something you do when the tests are passing, or worse handled by that other team. It's often complex and time consuming to test and fix all the issues that come from such audits. The reality is security can and should be at the heart of development, not something done at the end of the project but as an integral part of everyones workflow. This talk looks at how security practices can be introduced to Dev and Op workflows, how automation is key component in such integrations. Using both tools from InfoSec toolbox and tooling that already exists within already existing dev workflows to implement security testing at the application and code level. Security is everyones responsibility and should never be an after thought or someone else issue, nor should it prevent an efficient workflow.