This talk will share practical lessons learned at Etsy on the most effective application security techniques in todays increasingly rapid world of application creation and delivery. Specifically, it will cover how to:
- Adapt traditionally heavyweight controls like static analysis and dynamic scanning to lightweight efforts that work in modern development and deployment practices
- Obtain visibility to enable, rather than hinder, development and DevOps teams ability to iterate quickly
- Measure maturity of your organizations security efforts in a non-theoretical way

By Zane Lackey

Full Abstract & Presentation Materials:
https://www.blackhat.com/us-17/briefi...