No results.

AppSec USA 2012 - Austin

These are the videos from the OWASP AppSec USA 2012 conference in Austin, TX.

The schedule for the conference is at and the site for the conference is at

Put Your Robots to Work: Security Automation at Twitter - Justin Collins, Neil Matatall, Alex Smolen

Title: Put Your Robots to Work: Security Automation at Twitter

With daily code releases and a growing infrastructure, manually reviewing code changes and protecting against security regressions quickly becomes impractical. Even when using security tools, whether commercial or open source, the difficult work of integrating them into the development and security cycles remains. We need to use an automated approach to push these tools as close to when the code is written as possible, allowing us to prevent potential vulnerabilities before they are shipped. We worked with development, operations, and release teams to create a targeted suite of tools focused on specific security concerns that are effective and don’t introduce any noise. This presentation will give an overview of what we’ve done over the past year, what we have learned along the way, and will provide advice for anyone else going down this road.



Justin Collins,Security Engineer, Twitter

Justin is a security engineer at Twitter and a long-time computer science PhD student at UCLA. He spends most of his time working on Brakeman, a static analysis security scanner for Ruby on Rails.

Neil Matatall,Information Security Engineer, Twitter

Twitter security engineer, football fan, hiker. I like writing code. I like breaking code. I like protecting code.

Alex Smolen Security Engineer, Twitter

Graduate of the UC Berkely I School. Previously at Foundstone. | | Interested in security and the human experience.


Date: Thursday October 25, 2012 2:00pm - 2:45pm

Location: AppSecUSA, Austin, TX. Hyatt Regency Hotel, Gluu Room.

Track: Rugged DevOps