Rapid change creates new challenges in security. Every change can introduce new vulnerabilities. Software gets built from artifacts with known problems. Frequent changes make it hard to audit what is in each build, and frequent deployments make it hard to know what is running in production.
I present a secure continuous delivery pipeline. This talk covers a set of tools to automate security and enable safe, rapid change. I will draw from my experience building and integrating security tools into a continuous delivery pipeline at PagerDuty, a software-as-a-service vendor with more than 20 production deployments per day. The presentation covers tools from multiple vendors and teaches you how to build and secure your own continuous delivery pipeline.
