Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.
Hosting and attending number events around the UK, including OWASP. The guys at Punk Security are on a mission to help provide a better understanding of DevSecOps and security as a whole.
The event on the 11th May will be Automating security – An intro to DevSecOps.
Businesses are more productive when security is integrated into their working practice and processes, delivering immediate feedback to engineers and developers. Teams can quickly test out new ideas if they have short feedback loops and ultimately this means businesses can work faster, releasing new features or introducing better systems.
This concept is not new, it’s a key principal behind DevOps and businesses are already embracing heavily automated workflows which allow them to produce work with confidence. Unfortunately, a rapid approach to change is incompatible with the traditional approach to security. Slow decisions can bottleneck the throughput of work and incumbent security teams struggle to keep track of transient assets and an ever-expanding definition of their scope.
In this talk, we will discuss how security tools and practices can be layered into DevOps to ensure that risk is managed but the flow of work is not unnecessarily constrained. We will talk about how you can automatically scan applications and environments for vulnerabilities, enforce robust frameworks and build better processes so security doesn’t fall between the gaps.