Skip to content

DevOps Security: Turn Security into Code [RSA Preview]

DevOps Security: Turn Security into Code [RSA Preview]

DevOpsConnect329x61.pngThe San Francisco edition of the annual RSA security conference is just around the corner. DevOps security is a hot topic right now, and the RSA schedule includes a day-long seminar dubbed "DevOps Connect: DevSecOps Edition."

The list of security experts scheduled to present during that day-long DevOps Summit includes Jeff Williams, CTO and co-founder of Contrast Security and a founding member of the Open Web Application Security Project (OWASP).

Below is a preview of a couple of the things Jeff will address during the day-long seminar.  The original article can be read here at ADTMag.


In organizations implementing DevOps practices, security should work differently, he said. Because code is released continuously, security must also work continuously. Developers need instant, accurate feedback on their code, and security should be confirmed before every release. The only way to make this happen, Williams said, is to "turn security into code," by fully automating the testing process.

"The old process involved network choke points (Web application firewalls) and required serially scanning the entire application portfolio every time a new attack or vulnerability came out. DevOps projects require security that keeps up with rapidly changing network configurations and architectures. Security has to be able to respond immediately when new vulnerabilities are discovered and new attack techniques are revealed."

Jeff Williams
~ Co-founder & CTO

RSA looks like it's going to be a gold mine for those interested in DevOps and application security this year. If you are in San Francisco the week of February 13th be sure to take advantage of this opportunity to learn about new approaches and interact with top security leaders and pioneers, like Jeff Williams. 

Click here to read the full article from ADTMag >>


Contrast Marketing

Contrast Marketing