| Track: | DevSecOps |
|---|---|
| When: | Tue PM-3 |
| Where: | DevSecCon |
| Organizers | Tanya Janca Tanya Janca |
| Participants | Gabor Pek Gabor Pek , Imran Mohammed A Imran Mohammed A , Pedro Laguna Pedro Laguna , Vasil Buraliev Vasil Buraliev |
| Remote Participants | Madhu Akula Madhu Akula , Sophie Tonnoir Sophie Tonnoir |
The OWASP DevSlop VSTS pipeline, affectionately known as “Patty”, needs to produce the absolute most secure code possible, as it is used to release DevSlop.co (our website), it is a proof of concept pipeline. Come help us improve the security of this proof of concept but hacking it and helping us add more checks!
WHY
Adding more security to this pipeline means that companies everywhere that use VSTS can adopt this proof of concept internally, adjust it for their specific needs, and starting making more secure apps, very quickly. It will be exported in JSON format, which can be imported into VSTS.
What
Security review, config and testing in the in Visual Studio Team Server pipeline.
Outcomes
Outcomes: More secure apps for everyone, everywhere! :) A free proof of concept that IT shops can adopt to start their DevOps processes, that includes security. Lessons and documentation will follow.
Register as participant
To register as participant add Adding security to VSTS pipeline to either:
- the
sessionsmetadata field from your participant's page (find your participant page and look for the edit link). - or the
participantsmetadata field from this git session page
Back to list of all Working Sessions