Abstract

Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are thousands of variables that need to be constantly addressed to find the balance that delivers sustainable and secure success. In this session, WitFoo’s chief engineers will outline an innovative approach to secure devops called Metric Driven Development. It will cover the following topics:

  • Creating a metric collection infrastructure to alert on security and functionality deficiencies
  • Utilizing metrics to write optimized unit and system tests
  • The optimal value of code coverage, application pen-testing and static code analysis
  • Integrating metrics into customer support evolutions
  • The place of containerization in SECDEVOPS
  • Build metric driven use cases from hypothesis to pivot
  • How metric driven development builds on Agile & Lean development theories

By the conclusion of the session, attendees will have the tools necessary to implement lean and effective development pipelines that deliver secure and useful code in a fraction of the time and at a fraction of the development cost.

Download Deck

The PowerPoint presentation from the IIA/ISACA IT Hacking Conference can be downloaded here.

Share This