8. @parker0phil
1. Continuous Delivery IS MORE secure!
[Figure: timeline with markers RELEASE, FIND VULN and FIX VULN; intervals labelled Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR); Attack Window; MTTD, MTTE]
13. @parker0phil
1. Thinking about Security
1. Rely on developers and testers more than security specialists.
2. Secure while we work more than after we’re done.
3. Implement features securely more than adding on security features.
4. Mitigate risks more than fix bugs.
27. @parker0phil
Continuous Delivery IS MORE secure
How we achieve Security in a CD environment
Mental Models for Security
Pet Hates
My Favourite attacks