AST as the Key to DevSecOps MaturityMatthew Rose of Checkmarx on the Value of AST Tools, Automation
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
"Every six months there's a new type of technology or tooling that really allows DevOps to work even more effectively," says Rose, director of application security strategy at Checkmarx. "So, as we move forward, there is going to be additional automation, additional integration points that really allow DevOps to be mainstream."
In an interview, Rose discusses:
- The state of DevSecOps;
- How development teams are hindered by lack of automation;
- How AST tools, combined with automation, can lead to better results.
Rose has over 18 years of software development, sales engineering management and consulting experience. During this time, he has helped some of the largest organizations in the world in a variety of industries, regions, and technical environments implement secure software development life cycles utilizing static analysis. His extensive background in application security, object-oriented programming, multi-tier architecture design/implementation, and internet/intranet development has been key to many speaking engagements for organizations like OWASP, ISSA, and ISACA.