Securing the Build and Deployment Pipeline - Challenges and Best Practices

Explore the often overlooked aspect of application security related to the development environment in this 26-minute OWASP Foundation conference talk. Delve into the challenges of securing build and deployment pipelines in agile software development and DevOps methodologies. Learn how traditional Change Management processes are impacted by rapid, automated deployments and the increased reliance on automated testing and pre-approved artifacts. Discover common misconfigurations in build and deployment environments that can significantly compromise source code integrity and overall application security. Gain insights into the importance of securing every step of the development process, from code review to artifact management, to ensure a robust security posture in modern software development practices.

Topics of Interest: Your code might be secure, but what about your pipeline? ... - M. Szydłowski