It's not enough to just protect the calls to your APIs; you have to know what code you're running and how it got there. In today's world of dynamic development and deployment, developers are given incredible power to effect change in live products and systems. Code and configuration changes alike can get pushed out worldwide, sometimes to catastrophic effect. With more moving parts come more chances for human error. So how can we make this better? Get the humans out of the way! Today's systems allow us to automate many of the security chores that once fell by the wayside as busywork for the most junior sys admins, and the robots don't make the kinds of mistakes people do. Going beyond just checking if a codebase compiles, we can now manage the build path, dependencies, runtime platforms, code quality, configuration, and other aspects of the build and deploy process as it exists today. We'll walk through each piece of the development and deployment chain and discuss the importance of protecting each step, while showing how to address security, auditability, and reliability throughout. And most importantly, we'll take a deep look at the human cost of automation, and how bad automation can breed workarounds that can lead to unparalleled global disasters.