Panel Discussion: API Security in DevSecOps. Register Now

Panel Discussion: API Security in DevSecOps. Register Now

Panel Discussion: API Security in DevSecOps. Register Now

Home

/

Events

DevSecOps talk
DevSecOps talk
DevSecOps talk

In-person

Roadmap to DevSecOps Adoption with OWASP Bay Area

Oct 19, 2023 at 6:45 PM

Roadmap to DevSecOps Adoption with Case Studies: 45-Minute Talk

Event Details:

  • Date: Oct 19, 2023

  • Time: Thursday, Oct 19, 6:45pm PDT to 7:30pm

  • Duration: 45 mins

  • Location: Semgrep Office

  • Format: Interactive talk

  • Drinks and Food provided at the venue: Yes

Introduction (5 minutes)

  • Brief on traditional DevOps.

  • The rising need for security: Introducing DevSecOps.

  • The benefits of integrating security into the CI/CD pipeline.

Key Principles of DevSecOps (5 minutes)

  • DevSecOps vs. traditional security models.

  • The continuous nature of DevSecOps: Continuous Integration, Continuous Delivery, Continuous Security.

  • "Shift Left" philosophy: Implementing security in the early stages.

  • Automation: Making security checks automated and integral to the pipeline.

  • Collaboration: Breaking silos between Dev, Ops, and Security teams.

Starting the Journey - Cultural Shift (5 minutes)

  • Building a collaborative culture: Communication and training.

  • Security as everyone's responsibility.

Setting up Your Toolchain (15 minutes)

  • Identifying the right tools for:

    • Static Application Security Testing (SAST)

    • Dynamic Application Security Testing (DAST)

    • Interactive Application Security Testing (IAST)

  • Integrating these tools into the CI/CD pipeline.

  • Continuous monitoring and real-time feedback loops.

Key Challenges in DevSecOps Adoption (10 minutes)

  • Resistance to change.

  • Addressing false positives in automated security checks.

  • Balancing speed with security.

  • Continuous training and staying updated with evolving threats.

Best Practices (7 minutes)

  • Regularly updating and patching tools and systems.

  • Collaborative threat modeling.

  • Continuous feedback loop: Learning from security incidents.

  • Prioritizing security debts alongside other technical debts.

Measuring Success (3 minutes)

  • Key Performance Indicators (KPIs) for DevSecOps.

    • Reduced number of security incidents.

    • Faster incident response time.

    • Number of vulnerabilities detected and addressed in the early stages.

Learn more about Akto's API Security Roadshow

Register now

Register now

Register now

Register now

Speakers

Ankita Gupta

Ankita Gupta

CEO & Co-Founder at Akto

Ankush Jain

Ankush Jain

CTO & Co-Founder at Akto

Register now

More events

Akto at LasCon 2024
Akto at LasCon 2024

Meet Us at Akto Booth at LasCon 2024

Akto at BSides NYC
Akto at BSides NYC

Meet Us at Akto Booth at BSides NYC

Webinar on Moving from Traditional DAST to Modern API Scanners: Guide for Appsec Teams
Webinar on Moving from Traditional DAST to Modern API Scanners: Guide for Appsec Teams

Moving from Traditional DAST to Modern API Scanners: With Jim Manico

Akto at LasCon 2024

Meet Us at Akto Booth at LasCon 2024

Akto at BSides NYC

Meet Us at Akto Booth at BSides NYC

Akto named as Representative Vendor in 2024 Gartner® Market Guide for API Protection

Cybersecurity attacks that use APIs as an attack vector constitute a major threat to your sensitive data. Get this market guide to see how tools like Akto can help secure your organization’s APIs.

Get the report

Get the report