[Owasp-Pune] OWASP Chapter discussion - series 3
ashwini.paranjpe at owasp.org
Mon Dec 14 04:57:54 UTC 2015
Here are the details about our next chapter discussion.
*Topic: CICD - Continuous integration, continuous development by Mahesh
In the present scenario of rapid product development, CICD (continuous
integration, continuous deployment), and always-available e-retail, banking
and social media services it is imperative that security assurance
practices also scale up to the shorter timelines.
While we know that tools and automation is the way to go, running different
tools, collating the reports, filing the evidences for audits and assuring
management and auditors of the security preparedness of the deployment is
still not scalable to weekly deployments, let alone daily and hourly roll
Mahesh will demonstrate a security automation framework where this problem
is addressed through separating the tool running intelligence from the
report parsing and orchestration. It serves two purposes: 1. Periodic and
predictable (baseline) tool runs for trend analysis 2. Rapid integration
framework to add more and more tools without the entire team learning the
new tools, and protecting "institutional learning".
This also allows for collecting the security assurance related data in a
single place so the data analysis (eventually this will be Big Data) to be
performed independent of the tools and targets
PTC Software (India) Pvt. Ltd. Training Room2 , Marisoft - 1st floor,
Survey No. 15 Vadgaonsheri, Kalyani Nagar Pune
17th Dec 2015, 5pm to 6pm
*Do we need to registrar for this chapter meet?*
Yes and registration is mandatory Click here
for the registration.
Also find details at OWASP chapter wiki page here
Hope to see you there!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-Pune