Startup Security: Making Everyone Happy presented at lascon 2017

by Michael Mccabe, Brian Henderson,

Summary : There is no doubt that security is a must for every company but for startups shipping is above all. For small teams focused on shipping their MVP, security would only slow progress. There's no time or budget for expensive slow moving tools to impede progress. At XFIL we've built tools and processes to automate security using open source tools to provide dependency, code and infrastructure security. This talk is about how we approached security without slowing down shipping or increasing work for developers and how you can add security to your project without cost and friction. We'll discuss how we built security into our pipeline, approached new technologies and used proactive controls to make us more secure.