Application Security Podcast

Nancy Gariché and Tanya Janca -- DevSlop, the Movement

May 21, 2019

Show Notes

Nancy Gariché and Tanya Janca are two of the project leaders for the OWASP DevSlop Project. As we learn more about DevSlop, we realize that it is much more than a project: it's a movement. DevSlop is about the learning and sharing of four awesome women and is a platform for them to share what they’ve learned with the community.

DevSlop consists of four different modules:

  1. Patty – An Azure DevSecOps pipeline
  2. Pixi-CRS & Pixi-CRS-ZAP are two Circle-CI pipelines that demonstrate adding a WAF to your pipeline for automatic tuning before moving your apps to prod
  3. Pixi is an intentionally vulnerable app and consists of a vulnerable web app and API service,
  4. The DevSlop Show, a video streaming series where project members build things live, interview members of the OWASP and InfoSec community, and learn where they fit into DevOps.

We hope you enjoy.

Find Nancy, Tanya, and DevSlop on Twitter.


Need more information about Security Journey? Get in touch.

Ready to start your journey?

Book a Demo