The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Back To Schedule
Thursday, May 30 • 11:05am - 11:35am
DevSecOps with OWASP DevSlop

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The OWASP DevSlop team is dedicated to learning and teaching DevSecOps via examples, and “Patty the Pipeline” is no exception: we ensure all the 3rd party components are known-secure, retrieve secrets from a secret store, and the code must pass negative unit tests, dynamic application security testing (DAST), static application security testing (SAST), and encryption and infrastructure VA verification.  This entire system/project is open-sourced as part of the OWASP DevSlop project on GitHub and as live streaming and recorded videos, so that developers can watch each of the lessons, add it to their own pipelines, giving them a head start on DevSecOps. The talk will consist mostly of a start-to-finish demo of each part of the pipeline. Tools showcased include SSL Labs, White Source Bolt, Azure DevOps Security Toolkit and OWASP Zap. Supporting videos available here: https://aka.ms/DevSlopSho

avatar for Nancy Gariché

Nancy Gariché

Volunteer, OWASP
In the early 2000's, this speaker joined the Canadian federal government as a computer science CO-OP student and never left. In 2009, she moved to Ottawa from Montreal, his/her beloved hometown, to land her first IT security job as a security analyst. This multi-hatted role gave her... Read More →
avatar for Tanya Janca

Tanya Janca

CEO and Founder, We Hack Purple
Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around creating secure software. Tanya has been coding and... Read More →

Thursday May 30, 2019 11:05am - 11:35am IDT
Hall C