Episode 40

Shifting security left

Download Subscribe
00:00:00
/
00:24:50
RSS Feed Download (57.1 MB) Link with Timestamp

March 27th, 2024

24 mins 50 secs

Link with Timestamp

Download MP3 (57.1 MB)

Your Hosts
Tags
front-end development css curating a conference leeds leeds international festival running a conference hosting devsecops shifting security left organising events conferences cyber security technology tech web development

About this Episode

Inspired by reading ‘Investments Unlimited’ and other books built around the principles of storytelling, James and Josh dive into DevSecOps and the bigger picture of shifting security left in this new episode of Off Script!

In this episode:

  • 00:00 Fictional Bugs - Investments Unlimited
  • 01:00 DevSecOps
  • 02:00 Moving security testing to the beginning
  • 03:00 Reducing the friction of releases
  • 04:00 Go through pain points early
  • 05:00 Strict linting, function length, no unused variables
  • 06:00 Early automated tests to prevent Git leaks
  • 08:00 Making it easy for the developer
  • 10:00 Bearer
  • 11:00 Concise reporting
  • 12:00 Dependabot
  • 13:00 Secret Management
  • 14:00 Making it easy to do the right thing
  • 16:00 Having pride in your security
  • 17:00 What if your language doesn’t have much security support?
  • 19:00 Dynamic & Static languages
  • 20:00 Language agnostic tools
  • 21:00 Key takeaways

References:

Find out more about Stac and Parallax: