View More
View Less
System Message
An unknown error has occurred and your request could not be completed. Please contact support.
Reserved - Scan in at least 10 minutes before the beginning of the session.
This has been added to your Planner. Please note: This is not a reserved seat.
Waitlisted - you may be assigned a reserved seat if one becomes available.

Please be sure to check the session detail of this session for a full list of repeat sessions.

Personal Calendar
Conference Event
There aren't any available sessions at this time.
Conflict Found
This session is already scheduled at another time. Would you like to...
Please enter a maximum of {0} characters.
{0} remaining of {1} character maximum.
Please enter a maximum of {0} words.
{0} remaining of {1} word maximum.
must be 50 characters or less.
must be 40 characters or less.
Session Summary
We were unable to load the map image.
This has not yet been assigned to a map.
Search Catalog
Replies ()
New Post
Microblog Thread
Post Reply
Your session timed out.
Meeting Summary

DEM14 - Integrating AppSec into Your DevSecOps on AWS

Session Description

DevSecOps is driving the use of security testing throughout the application lifecycle, from initial development to product monitoring. Application security testing is unlike other forms of security in that it directly impacts the daily routines of developers. John Maski, the former director of DevSecOps at AT&T, discusses securing CI/CD pipelines in enterprise environments and “shifting left” with security. He reveals best practices gained from moving AT&T’s primary DevOps practice to a DevSecOps practice using static and dynamic application security testing. You’ll discover why strong executive sponsorship, a cultural shift, and solid cross-organization teaming are critical and how they can be the way forward to your own DevSecOps success.

Session Speakers
Session Schedule
    Additional Information
    Please note that session information is subject to change.
    Demo Session
    Boston Convention Center