Dev-First Prevention Strategies
Security and engineering teams often fail to find a balance between meeting the necessary security objectives for their organization and ensuring maximum velocity. While security teams view the process of blocking new critical severity vulnerabilities as a basic security best practice, engineering teams often push back out of fear that it will create too much friction for their developers.
This dynamic is often based on prior experience with legacy security systems that focus almost solely on the needs of security and fail to support developers in this process.
Snyk understands the importance of thinking through the process from the developers perspective and providing engineering teams with the tools and information necessary to address vulnerabilities throughout the SDLC without sacrificing productivity.
Even when equipped with the appropriate tooling and information it’s critical that companies think through how they’ll introduce this process so that developers are comfortable with the change.
This session covers best practices for introducing a blocking/prevention strategy using PR checks (SCM integration required).
This session is applicable to administrators of Snyk, developers using the tool, and security teams.
Host: Mark Bowen, Implementation Consultant
Learn more about Snyk http://bit.ly/snyk-io
📱Social Media📱
___________________________________________
Twitter: https://twitter.com/snyksec
Facebook: https://www.facebook.com/snyksec
LinkedIn: https://www.linkedin.com/company/snyk
Website: https://snyk.io/