Developers want speed. Customers want features. Security teams want time.

This presentation will discuss how Continuous Security can be moulded into the CI/CD pipeline. I'll outline how machine images and ec2 instances in our AWS environment are automatically tested by vulnerability assessment tools packaged in Docker containers. This assures a reasonably secure posture before features hit production and automates the ongoing process of penetration testing thereafter.

In addition to containers, our security automation toolchain comprises an open-sourced framework as well as a smidgeon of python running in AWS Lambda.

Systems Engineer at Cisco Systems

Owen spends his time testing the notion that Infrastructure-as-Code might just make everyone’s life better. A Network Architect in a previous life, these days