The future of application security must be developer-centric.
The modern incarnation of application security tools like SAST, DAST and WAF came about nearly 20 years ago. In the early 2000s software development was very different. The software development lifecycle was defined by waterfall development models, physical servers and monolithic code bases managed by SVN-based repositories. In that era, security tools were designed with AppSec Teams as the primary users and they were run as one of the final confirmation steps in the waterfall release model.
Today development is fast and cloud-based, with microservices architectures and Git-based repositories. However, application security workflows haven’t evolved in meaningful ways. Git is the center of modern software development and re-thinking security workflows for Developers should naturally be Git-based.
Putting the needs of developers first should be the key design principle of Git-based security workflows and maximizing developer productivity should be the goal. Yet in doing so, AppSec must still be able to create, manage and enforce organizational security standards.
This webinar will cover:
Director of Product Management - ShiftLeft