Vulnerability Testing in the Cloud by dint of DevSecOps


Developers want speed. Customers want features. Security teams want time.

This presentation will discuss how Continuous Security can be moulded into the CI/CD pipeline. I'll outline how machine images and EC2 instances in our AWS environment are automatically tested by vulnerability assessment tools packaged in Docker containers. This assures a reasonably secure posture before features hit production and automates the ongoing process of penetration testing thereafter.

In addition to containers, our security automation toolchain comprises an open-sourced framework as well as a smidgeon of Python running in AWS Lambda.

Speaker

Owen Byrne

Systems Engineer at Cisco Systems

Owen spends his time testing the notion that Infrastructure-as-Code might just make everyone’s life better. A Network Architect in a previous life, these days he devotes less time to configuring routers than building cloud environments with Terraform, Ansible, Packer, Python etc. When not in front of a screen or hunting for missing toys, he runs a bit.