"Security Testing Automation via Jenkins and Threadfix" - Lucian Corlan & Nikos Savvidis
This lightning talk will show you: how we have architected and configured our Security Jenkins pipeline to perform security tests, how Threadfix helps to achieve automation (use cases), how can Security Champions help to achieve the above
This lightning talk was presented at OWASP London Chapter Meeting on 26th April 2018 at EY.
Slides:
https://www.owasp.org/images/4/4e/OWASPLondon-Security-Testing-Automation-20160426-PDF.pdfSpeakers:
Lucian Corlan
Lucian is a Director of Application Security at SagePay. Lucian holds a number of security certifications – MSc ITSec, MA Security Studies, CISSP, CSSLP (a), CISM, CISA, CEH, OSCP, SABSA Foundation and has previously worked for Betfair in the InfoSec/AppSec Manager and Acting Head of AppSec roles. Lucian has also led one of the Romanian OWASP Chapters and is still involved in OWASP. Before that he worked for several multi-national organisations in the banking (chip card security & app security) and telecom (infra & app security) sectors. If there’s any free time left…, he spends it meddling with astronomy (planetary & galactic), reading philosophy/crypto detective books and dissecting bits of geo-economy politics.
Nikos Savvidis
Software engineer with a strong interest in application security and embedding security in the SDLC, having previous experience in companies ranging from a start-up with 15 employees, to a big enterprise with 10k+ employees.
...
https://www.youtube.com/watch?v=Rcr3q_b_k-o