In this automatic episode of the Exploring Information Security podcast, Jimmy Byrd joins the show to discuss his DerbyCon talk, "Security automation in your continuous integration pipeline."
Jimmy (@jimmy_byrd) is the lead developer at Binary Defense. Recently, he was accepted to speak at DerbyCon. He will be speaking Saturday September 24, 2016, in the stable talk track. His topic is on integrating security into the automation part of the software development life cycle (SDLC).
Jimmy's DerbyCon talk is available here.
In this episode we discuss:
- What is the SDLC?
- What is continuous integration?
- Why getting security automated in the SDLC is important
- How to get security automated in the SDLC
- Jimmy Byrd's website
- Binary Defense Systems
- Slides for the talk
- OWASP AppSec Pipeline (Project has been renamed to Glue)
- OWASP Zed Attack Proxy
- Talking AppSec to 11: Pipeline, DevOps, and making things better - Matt Tesauro - Appsec CA 2016
- Design Approaches for Security Automation - Peleus Uhley - AppSec California 2016