The presentation discusses the challenges of implementing AppSec in DevOps and CI/CD and proposes solutions based on the experience of organizing the Hardening Project in Japan.
- Shifting left is important for integrating security early in the development process
- Development and security teams need to work together to maximize mutual understanding and cooperation
- Risk profiling is important in designing effective security defenses
- The Hardening Project in Japan is an eight-hour security competition that helps participants update their knowledge about incident response and improve their defenses
- The competition involves dealing with technical failures, customer complaints, and public relations response
- The Softening Day is a session where teams and attackers give presentations to share and summarize their activities and strategies