logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

Automate Security, Don't Tell Your Boss

Conference:  OWASP 20th Anniversary Event
Authors: Matt Tesauro
2021-09-24

tldr - powered by Generative AI

The presentation discusses the benefits of automating security and the key elements needed to be successful. It emphasizes the importance of optimizing the work of security personnel, increasing team throughput, engaging and supporting external teams, and improving consistency and visibility through automation.
  • Traditional appsec is slow, painful, and ineffective
  • Automation can optimize the work of security personnel and increase team throughput
  • Defect Dojo is an open source security orchestration platform for vulnerability management that can consolidate security findings and provide a single source of truth
  • Automation can improve consistency, visibility, and tracking of work status
  • Automation can reduce friction with dev teams by speaking their language and providing results in a way that works for them
  • The presentation recommends reading books on DevOps and applying its concepts to security
  • The presentation suggests using app pipelines to make security fast and customized
Tags:
Security automation
multiple dimensions
team throughput
external engagement
success metrics