Dev-Friendly Security Build Rules for Every Pull Request

Webinar



Sponsored by ShiftLeft


Wednesday, September 16, 2020
1 pm EDT

Enforcing security build rules in pull requests is the key to modernizing AppSec.

Code quality testing is commonplace to protect the master branch from defects. For example, unit testing creates a gate that ensures new code doesn’t break the application before it reaches the master branch. Not only does this increase the code quality of the master branch, it also ensures that other developers are not pulling problematic code into their own pull requests and writing new code that depends on the problematic code. Hence, developers are accountable for the quality of code they write and fixes tend to be relatively easy because unit testing results are given before they switch to new contexts. Fixes also tend to be relatively simple because problematic code is remediated early and stays locally in the responsible developer’s branch. 

99.7% of organizations do NOT enforce similar security testing and quality gates in pull requests to protect their master branches. 

Unlike with unit testing, this means that vulnerabilities are routinely accepted into the master branch. Hence, it's difficult to establish a culture of security accountability on the development team, because running security tests later in the SDLC makes it harder and slower to determine who is responsible for the vulnerable code. Furthermore, other developers pull vulnerable code into their branches, so remediation often becomes more complex: not only is the context switch bigger for the initial developer, but the fix may require updating many other places in the code base.

This webinar will cover a developer-friendly model to insert security build rules into Git-based workflows. The webinar will cover: 

  • The growing gap between AppSec and application development
  • Why security build rules are so important to bridging the gap
  • Requirements to consider when deploying security build rules
  • A live example of what this can look like in a GitHub repository

Arun Balakrishnan
Director of Product Management - ShiftLeft


On-Demand Viewing:
