In the Age of Agile Development and continuous integration gaining massive popularity, where does security fit in? Most security testing happens in production driven by audit requirements. This does not fit well with teams who are pushing code faster and faster constantly changing the applications being tested.
This roundtable will discuss the state of basic continuous delivery pipelines and how we can make sure security does not become an afterthought. Using a number of battle tested methodologies and open source tools, we will discuss how to be mean to our code before it ever sees the light of day in production. This discussion will allow us to find a way to adapt to the ways of DevOps but also foster a development lifecycle that creates software that is secure, reliable, and resilient.