Anton Basharin

CTO, Swordfish Security

About speaker

An IT heavyweight with over 15 years of experience in a range of fields, having played the part of a Senior Java Developer, a Software Engineer and a Security Architect. Well-versed in software development standards (CMMI L5, Scrum, Agile), automated audit and analysis, and manual code review aimed at finding and fixing security vulnerabilities. The last 4 years I have been focusing on Application Security and implementation of SSDL practices in engineering teams from the scratch. My professional feats include: Luxoft (developer and system architect), Alfa Bank (developer and team leader), Sberbank (application security team), Swordfish Security (CTO).

November 16

15:00 — 16:00

AppSec as a Code

Fast Track

Russian

Today, everybody talks about DevOps, digitalization, business transformation and many more scary words. Digital transformation has found its way into security development, disrupting the cosy world of relying on static analysis before releases and leading many to question the necessity to transform AppSec in the same key.
In our report we will try to explain the principles of DevSecOps and the way we see it, as well as the ways in which it differs to the classical model of security. The report contains many examples, demonstrations and script codes to understand how it all really works. Using an imaginary organization, we will offer a solution to handle it without being neck-deep in task management.

AppSec as a Code