OWASP NYC Chapter Meetup, July 26, 2019

Event date

July 26, 2019


ZeroNorth CTO John Stephen will be speaking on “CISO Debrief on BSIMM DevOps Study” at OWASP NYC Chapter Meetup July 26, 2019.

Abstract:
Vendors and firms do a lot of DevOps ‘in name only’ because it gets them in the cool club. Those really changing their culture are fundamentally changing their risk management paradigm – from one of proactive governance through security assurance to one of continuous collection of security telemetry and resilient delivery pipelines. What does that mean in practice? Synthesizing a survey of 20 such luminary DevOps firms, this presentation provides a software security framework and conclusions resulting from a survey of twenty luminary organizations practicing what they preach in DevOps culture. We will explore the tools and activities people have come to rely on, the changes to staffing security and aligning them with development and the remaining challenges that impede scale. More>>


Demo Videos

5-Min Demo Video: A Single Source of Truth on AppSec Risk with ZeroNorth DevSecOps Analytics & Reporting

The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides ...

Watch Now

Webinars: On-Demand

AppSec Risk: You Can’t Manage What You Can’t Measure

The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides ...

Watch Now

Latest Events

Black Hat 2021

Black Hat 2021, July 31-August 5

Black Hat 2021 has a jam-packed agenda, complete with a full AppSec track. And the ZeroNorth team is ready to connect with you and discuss how ...

View Event
Shifting Left

Shifting Left 2.0, June 22-23, 2021

 SHIFTING LEFT 2.0 is taking place June 22 and 23, DevOps and security thought leaders will come together to discuss the latest trends, best practices and the future ...

View Event

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.