Cloud Security, DevOps, Web Application Security

Practical Tips for Defending Web Applications In The Age Of DevOps

Signal Sciences

Making security visible. Our product helps you prioritize your defensive efforts where your applications are actually targeted.

We are excited to announce an encore presentation by Zane Lackey, CSO of Signal Sciences, of his talk given at BlackHat USA 2017. This presentation covers practical lessons learned at Etsy on the most effective application security techniques, helping you avoid development bottlenecks while staying secure.

Sign up here >


What you will learn

The standard approach for web application security over the last decade and beyond has focused heavily on slow gatekeeping controls like static analysis and dynamic scanning. However, these controls was originally designed in a world of Waterfall development and their heavy weight nature often cause more problems than they solve in today’s world of agile, DevOps, and CI/CD.

This talk will share practical lessons learned at Etsy on the most effective web application security techniques in todays increasingly rapid world of application creation and delivery.

Specifically, it will cover how to:

  • Adapt traditionally heavyweight controls like static analysis and dynamic scanning to lightweight efforts that work in modern development and deployment practices
  • Obtain visibility to enable, rather than hinder, development and DevOps teams ability to iterate quickly
  • Measure maturity of your organizations security efforts in a non-theoretical way

Limited spots available, be sure to sign up to attend

Sign up here >