Security is often the after thought, something you do when the tests are passing, or worse handled by that other team. It's often complex and time consuming to test and fix all the issues that come from such audits. The reality is security can and should be at the heart of development, not something done at the end of the project but as an integral part of everyones workflow. This talk looks at how security practices can be introduced to Dev and Op workflows, how automation is key component in such integrations. Using both tools from InfoSec toolbox and tooling that already exists within already existing dev workflows to implement security testing at the application and code level. Security is everyones responsibility and should never be an after thought or someone else issue, nor should it prevent an efficient workflow.

Comments

Comments are closed.

Good list of risks and tools to address them clearly put in the WordPress context.

Rated 5

Ben Longden at 17:57 on 30 Sep 2017

Nicely done! Thanks for the talk.

A very enjoyable talk providing many insights into WP issues on security. Some great tools mentioned (many which I didn't know).

Delivered very well.

Rated 4

Chris Emerson at 16:46 on 1 Oct 2017

Really useful information to put into practice, well presented.

Rated 4

Iain Fogg at 07:49 on 3 Oct 2017

Very entertaining, lots of real world examples of problems, and lots of tools / processes highlighted to look over / think about how to implement.

Rated 5

Ronald D. at 12:21 on 3 Oct 2017

Good talk, entertaining and very well presented!