Name: Monitoring Application Attack Surface and Integrating Security into DevOps Pipelines
Start: 2017-09-22T10:30:00-0400
End: 2017-09-22T11:15:00-0400

Back To Schedule

Monitoring Application Attack Surface and Integrating Security into DevOps Pipelines

Feedback form is now closed.

A web application’s attack surface is the combination of URLs it will respond to as well as the inputs to those URLs that can change the behavior of the application. Understanding an application’s attack surface is critical to being able to provide sufficient security test coverage, and by watching an application’s attack surface change over time security and development teams can help target and optimize testing activities. This presentation looks at methods of calculating web application attack surface and tracking the evolution of attack surface over time. In addition, it looks at metrics and thresholds that can be used to craft policies for integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD) pipelines for teams integrating security into their DevOps practices.

Speakers

Dan Cornell

Vice President, Product Strategy, COALFIRE

A globally recognized software security expert, Dan Cornell has over 20 years of experience architecting, developing and securing software systems. As Vice President of Product Strategy at Coalfire, Dan works with customers and industry partners to help drive the direction of their... Read More →

Friday September 22, 2017 10:30am - 11:15am EDT
Coronado H

DevOpsSec

Attendees (70)

A
D
b
i
B
J
O
m
B
K
View All →

AppSec USA 2017

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Dan Cornell

Attendees (70)