Application Security at DevOps Speed and Portfolio Scale


AppSec at DevOps Speed and Portfolio Scale

Application Security at DevOps Speed and Portfolio Scale
Jeff Williams, CEO
Aspect Security, Inc.

About Me

My name is Jeff Williams. Some of you may know me from my work on WebGoat, ESAPI, or the OWASP Top Ten, and a bunch of other open source projects.

If any of you are smart, humble, and get things done, we have some amazing job openings at Aspect.

And if you never want to wrestle with a static analysis tool again... Come check out Contrast at our booth. I promise you it's different!

Today I'm going to talk about what I've learned helping organizations do application security at DEVOPS SPEED and PORTFOLIO SCALE.

Application Security Is Healthcare

Imagine applications are people and vulnerabilities are sicknesses.

We've got a few Doctors and some FANCY technology for them to use -- like Xray or MRI machines.

These doctors are helping patients but they're reactive. We could have the best doctors in the world working on our patients AND NEVER make progress against the disease.

It takes a DIFFERENT APPROACH to target a disease than it does to help a patient. You can't just scale up what you're doing for individual patients.

Sensors Are Revolutionizing Healthcare

Instrumenting the body means continuous realtime monitoring

Not periodic checkups

Your phone will know you're sick before you do!

The healthcare world is undergoing a powerful transformation. On both the individual and population level, SENSORS are changing everything.

This is great for patients as they can do their own monitoring. And in the AGGREGATE, this information can fight disease in new powerful ways.

Traditional Tools and Techniques Are Failing

Javascript Ajax, SOAP/REST, Serialized Objects, RawSocket, Inversion of Control, Libraries and Frameworks, Aspect Oriented Programming, Agile, DevOps, Cloud, Mobile

You might be thinking, well, our tools are pretty good. We just need to be better at running them.

Unfortunately, traditional tools have not kept up with modern software development, both technology and processes.

For example, most frameworks DON'T call request.getParameter() anymore. Or SQL statement.execute(). So what is your static tool going to find? Do they know about every framework and pattern?

They have lots of blind spots in the most important areas like authentication and access control.

They can't handle complex frameworks, complex protocols, the explosion of libraries, or the speed of DevOps.

And all the tools require experts, which introduces a serious bottleneck -- so we struggle to help Agile/DevOps type projects.

AppSec Progress

Chart labels: Security, Software, Continuous AppSec

I came to a hard realization. I'm very proud of the progress we've made in appsec, but we are getting outpaced. The software guys are out there inventing the next crazy new thing right now. By the time we get involved, it'll be cast in stone. And we'll eventually figure out how to break it, and how to secure it, and then it will be too late. Again.

So I'm convinced that the only way forward is:

* Automated
* Continuous and Realtime
* Keep security experts out of the critical path

Starting Over

So what do we do?

We have to GIVE UP on anything that doesn't work at devops speed or portfolio scale.

I'm sorry, expert, that means your job is going to change. Because software development has changed.

The right defenses for every application are

* Present
* Correct
* Used Properly

Defining Portfolio Scale

At the end of the day, the only success metric that matters is whether we're doing a decent job of protecting all the apps in our portfolios. And even the best programs are nowhere close.

Appsec is really more like public health actually.

It's not only about securing apps, it's about securing a PORTFOLIO.

And whether something works for a single application (patient) is almost irrelevant to whether it works across a portfolio.

Defining DevOps Speed

Application security happens continuously and in real time

We really need this. I've worked with a lot of agile and devops projects. They can't use results that aren't very timely.

If you can't get developers feedback almost immediately, the cost skyrockets and the learning plummets.

I don't want to hear anyone badmouthing the security of Agile or DevOps projects. In my experience they are no better than others. And I believe they have a lot more potential to be better.

Is my portfolio protected against clickjacking?

One Thing at a Time

So we're going to need to automate some stuff.

Let's see if we can do just one simple thing across the portfolio at devops speed. How about clickjacking.

Gathering Intelligence

Controller, Presentation, Business Functions, Data Layer, Third Party Libraries, Application Server, Platform Runtime, Framework, Operating System

Before I show you how to create those sensors, I want to explain the different intelligence that can help us.

This is the information that can help us identify vulnerabilities. Too often we confuse the type of information with the technique for analyzing it.

Security Intelligence Sources

HTTP Traffic, Backend Connections, Configuration Data, Libraries and Frameworks, Data Flow, Control Flow, Vulnerability Trace

You can't point at a diagram like this and say, SECURITY GOES HERE.

SECURITY IS NOT just a single point in the code. It's a PATH through an application that goes from custom code, to libraries, to frameworks, to platform and back again.

So when we VERIFY security, we need access to lots of different types of information.

What kinds of information are relevant? HTTP, Data Flow, Libraries, Control Flow, Configuration, and Backend Connections to name just a few.

So what kind of TECHNIQUES can we use to verify that this app does the right thing in stressful situations?

Designing a Clickjacking Sensor

Experiment Style: Positive, Negative, Sampling, Intelligence
Environment: Dev, CI, Test, QA, Staging, Security, Prod
Analysis Technique: Manual, SAST, DAST, IAST, Passive, JUnit
Data Sources: Code, HTTP, Configuration, Data Flow, Control Flow, Libraries, Connections
Choose based on: Speed, Accuracy, Feedback, Scalability, Ease of Use, Cost

Positive vs. negative?
SAST, DAST, IAST, Manual, Passive?
DEV, CI, TEST, QA, SEC, OPS?

Continuous ClickJacking Defense Verification

A new HTTP sensor to verify that the X-Frame-Options header is set to DENY or SameOrigin on every webpage

Dynamic, Interactive, JUnit, Manual, Static
DEV, CI, TEST, QA, STAG, OPS, SEC

Data Warehouse: Application Security Intelligence

Run Against Entire Portfolio

Application Name          Result   Grade
TBMarks                   88%      A
RPC                       0%       F
CaseyMotors               0%       F
Financials                72%      C
International Reporting   0%       F

Financials ClickJacking Defense C (72%)

/home                  DENY
/home/error.jsp        -
/home/index.jsp        DENY
/account               SAME-ORIGIN
/account/report.jsp    -
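
An added example, not code from the talk or from the CheckYourHeaders tool: a minimal version of the HTTP sensor described above, which checks each captured response for an X-Frame-Options value of DENY or SAMEORIGIN and rolls the results up into a per-application score. The application names, sample responses and grade cut-offs are constructed assumptions; a hyphenated SAME-ORIGIN or a pair of conflicting values is scored as a failure because neither is a single valid value for the header.

```python
from collections import defaultdict

# Values that positively verify the defense. Anything else, including a
# hyphenated "SAME-ORIGIN", is not a defined value and is scored as a failure.
VALID_XFO = {"DENY", "SAMEORIGIN"}

# Hypothetical grade cut-offs (assumption: the slides show grades, not thresholds).
GRADE_BANDS = [(85, "A"), (75, "B"), (60, "C"), (50, "D")]


def parse_headers(raw_head):
    """Parse a raw HTTP response head into {lowercased name: [values]}."""
    headers = defaultdict(list)
    lines = raw_head.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:                 # skip the status line
        if not line.strip():
            break                          # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()].append(value.strip())
    return headers


def xfo_verdict(raw_head):
    """Return (protected, observed_value) for one response."""
    values = parse_headers(raw_head).get("x-frame-options", [])
    if not values:
        return False, "-"
    # A repeated header is equivalent to one comma-joined value, so collect
    # every token. The sensor wants exactly one unambiguous, valid token and
    # reports anything else as a configuration error.
    tokens = {t.strip().upper() for v in values for t in v.split(",")}
    ok = len(tokens) == 1 and tokens <= VALID_XFO
    return ok, ", ".join(values)


def grade(percent):
    """Map a pass percentage to a letter grade using GRADE_BANDS."""
    for floor, letter in GRADE_BANDS:
        if percent >= floor:
            return letter
    return "F"


def score_portfolio(observations):
    """observations: iterable of (app, url_path, raw_response_head)."""
    per_app = defaultdict(list)
    for app, path, raw_head in observations:
        ok, observed = xfo_verdict(raw_head)
        per_app[app].append((path, observed, ok))
    report = {}
    for app, pages in per_app.items():
        passed = sum(1 for _, _, ok in pages if ok)
        percent = round(100 * passed / len(pages))
        report[app] = {"percent": percent, "grade": grade(percent), "pages": pages}
    return report


def make_head(*header_lines):
    """Build a constructed response head for the sample data below."""
    extra = "".join(h + "\r\n" for h in header_lines)
    return "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n" + extra + "\r\n"


# Constructed sample traffic: in practice this would come from a proxy, test
# run or log capture in whichever environment the sensor is deployed.
SAMPLE_OBSERVATIONS = [
    ("billing-portal", "/home", make_head("X-Frame-Options: DENY")),
    ("billing-portal", "/home/error.jsp", make_head()),
    ("billing-portal", "/account", make_head("x-frame-options: sameorigin")),
    ("billing-portal", "/account/report.jsp", make_head("X-Frame-Options: SAME-ORIGIN")),
    ("legacy-reports", "/", make_head()),
    ("legacy-reports", "/export",
     make_head("X-Frame-Options: DENY", "X-Frame-Options: SAMEORIGIN")),
]

if __name__ == "__main__":
    for app, result in sorted(score_portfolio(SAMPLE_OBSERVATIONS).items()):
        print(f"{app}: {result['percent']}% {result['grade']}")
        for path, observed, ok in result["pages"]:
            print(f"  {'PASS' if ok else 'FAIL'}  {path}  {observed}")
```
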

Check Your Headers

https://cyh.herokuapp.com/cyh

The Beastie Boys brought you Check Your Head. But I'm bringing you CheckYourHeaders!!!

It's

Continuous AppSec Dashboard

We transformed clickjacking verification to devops speed and portfolio scale!

One Small Step Towards Continuous AppSec

Before                 After
Annual pentest         Continuous monitoring
Negative signatures    Positive verification
One app at a time      Portfolio wide

Okay, clickjacking. Big deal. But it's one step towards Continuous AppSec.

More Sensors

I want a sensor to verify

* My business logic makes access control checks
* My libraries are free from known vulnerabilities
* My forms are not susceptible to CSRF attacks
* My interpreters are protected against injection
* My encryption is implemented correctly
* My application has no unknown connections
* And much more.

Access Control: static in CI
Libraries: static in staging, ah ha!
Verb Tampering: check config, positive!
Injection: IAST, great data flow w/o false alarms
Crypto Correct? Manual -> JUnit tests
Architecture!!

Source [email protected]                  @PreAuthorize("hasAnyRole('ROLE_BUG_CREATE','ROLE_BUG_EDIT')")
UpdateSBMBugtrackerController.java      @PreAuthorize("hasRole('ROLE_BUG_EDIT')")
SelectBugtrackerController.java         @PreAuthorize("hasRole('ROLE_BUG_CREATE')")
CheckAppStatusController.java           MISSING
ViewConsoleEventsController.java        @PreAuthorize("hasRole('ROLE_CONSOLE_VIEW')")
DeleteEngineConfigController.java       @PreAuthorize("hasRole('ROLE_ENGINE_PROFILES')")
DownloadEngineController.java           @PreAuthorize("hasRole('ROLE_ENGINE_DOWNLOAD')")
EngineConfigController.java             @PreAuthorize("hasRole('ROLE_ENGINE_DOWNLOAD')")
ErrorController.java                    MISSING
InboxController.java                    @PreAuthorize("isAuthenticated()")
InstallationWizardController.java       @PreAuthorize("isAuthenticated()")
InviteAFriendController.java            @PreAuthorize("isAuthenticated()")
LoginController.java                    MISSING
DeleteMessageController.java            @PreAuthorize("isAuthenticated()")
GetSystemMessagesController.java        @PreAuthorize("isAdmin()")

Access Control Intelligence Sensor

Control Flow, SAST, Intelligence, CI

Generated Access Control Matrix from Code
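
An added example, not the tooling used for the talk: one way to generate a matrix like this is to scan each controller source for @PreAuthorize, ignore commented-out annotations, and report MISSING where none is found. The controller sources, role names and the expected_public allowlist are constructed assumptions.

```python
import re

# @PreAuthorize("...") or @PreAuthorize(value = "..."), possibly spread over lines.
PREAUTH = re.compile(r'@PreAuthorize\s*\(\s*(?:value\s*=\s*)?"((?:[^"\\]|\\.)*)"\s*\)')
ROLE = re.compile(r"'(ROLE_[A-Z0-9_]+)'")


def strip_comments(src):
    """Remove // and /* */ comments while leaving string and char literals intact,
    so a commented-out annotation is not counted as a live access control check."""
    out, i, n = [], 0, len(src)
    while i < n:
        two = src[i:i + 2]
        if two == "//":
            j = src.find("\n", i)
            i = n if j == -1 else j
        elif two == "/*":
            j = src.find("*/", i + 2)
            i = n if j == -1 else j + 2
        elif src[i] in "\"'":
            quote, j = src[i], i + 1
            while j < n and src[j] != quote:
                j += 2 if src[j] == "\\" else 1
            out.append(src[i:j + 1])
            i = j + 1
        else:
            out.append(src[i])
            i += 1
    return "".join(out)


def build_matrix(sources, expected_public=()):
    """sources: {file name: Java source text}.

    Returns (rows, by_role, gaps):
      rows    - file -> list of authorization expressions, or ["MISSING"]
      by_role - role -> set of files whose expressions mention it
      gaps    - files with no annotation that are not on the expected_public list
    """
    rows, by_role, gaps = {}, {}, []
    for name in sorted(sources):
        exprs = PREAUTH.findall(strip_comments(sources[name]))
        rows[name] = exprs or ["MISSING"]
        if not exprs and name not in expected_public:
            gaps.append(name)
        for expr in exprs:
            for role in ROLE.findall(expr):
                by_role.setdefault(role, set()).add(name)
    return rows, by_role, gaps


# Constructed controller sources (hypothetical names, not from the slides).
SAMPLE_SOURCES = {
    "DeleteWidgetController.java": '''
@Controller
@PreAuthorize("hasRole('ROLE_WIDGET_DELETE')")
public class DeleteWidgetController { }
''',
    "EditWidgetController.java": '''
public class EditWidgetController {
    private static final String HELP = "https://example.invalid/help";
    @PreAuthorize(
        "hasAnyRole('ROLE_WIDGET_CREATE','ROLE_WIDGET_EDIT')"
    )
    public String edit() { return "edit"; }
}
''',
    "ReportController.java": '''
public class ReportController {
    // @PreAuthorize("hasRole('ROLE_REPORT_VIEW')")  disabled during testing
    @RequestMapping("/report")
    public String view() { return "report"; }
}
''',
    "LoginController.java": '''
public class LoginController {
    public String login() { return "login"; }
}
''',
}

if __name__ == "__main__":
    rows, by_role, gaps = build_matrix(
        SAMPLE_SOURCES, expected_public={"LoginController.java"})
    for name, exprs in rows.items():
        print(f"{name:32} {'; '.join(exprs)}")
    print("Unexpectedly unprotected:", gaps)
```
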

Known Vulnerable Libraries Sensor

Libraries, SAST, Negative, CI

Run DependencyCheck during every build (and do a build once a month even if nothing changed)

Struts2
Need to find who has it fast
Not all apps are in development and test

Run tests through ZAP
ZEST to check CSRF Token
Get results via ZAP REST API

CSRF Defense Sensor

HTTP, Passive, Positive, QA

Canonicalization Correctness Sensor

Code, JUnit, Positive, Staging

For the Enterprise Security API project, we knew that we needed proof that the security controls we built were CORRECT.

So we wrote thousands of test cases to prove that the controls:

* Performed their function
* Were tamperproof and non-bypassable

Today there are almost 5,000 companies using ESAPI. And we have had only 1 vulnerability identified. We immediately added a test case and we'll never have that one again.

Here is a snippet of code from an ESAPI test case.

Injection Sensors

Data Flow, IAST, Negative, Dev

Use IAST tools for DFA vulnerabilities

What would you like to gather from all your applications?

Inventory? Architecture? Outbound connections? Lines of code? Security components?

All possible, and all at devops speed and portfolio scale.

Architecture, Inventory, and More

Building Continuous AppSec

Dynamic, Interactive, JUnit, Manual, Static
DEV, CI, TEST, QA, STAG, OPS, SEC

Data Warehouse: Application Security Intelligence

Most organizations look like this. They use all the techniques

Sensors?

How do you know what sensors you need?

* The OWASP Top Ten?
* What your tools are good at?
* What your pentester thinks is important?
* Actually figure out what matters?

Aspect 2013 Global AppSec Risk Report

Here are Aspect's results for MANUAL code review and penetration testing of 5,000,000 lines of code every month.

What's In Your Expected Model?

Expected: Threat Model, Abuse Cases, Policy, Standards, Requirements

There is no security without a model

Unfortunately, we don't really have a clear picture of what we expect. Both our EXPECTED and ACTUAL are spotty. That means we don't have a complete and clear EXPECTED model. We also don't know exactly what was VERIFIED.

I've seen folks testing for SQL injection on applications that don't even have a SQL database. That's just WASTE. When our tests don't match up to our EXPECTED model, we aren't getting good coverage. And even worse are things in the EXPECTED model that aren't even getting tested.

So we end up with a muddy, spotty picture of risks which leads to bad decisions, exposure, breaches, etc. This is not to say that we're not adding value. BUT if we're going to SCALE we have to get a lot more EFFICIENT.

What Are You Actually Testing?

Actual: Pentest, Code Review, Tools, Arch Review

Unfortunately

Actual, Expected
Not being tested (aka RISK)
Doesn't need testing (aka WASTE)

Are You Secure?

Secure?

Aligning Sensors with Business Concerns

Fraud, Availability

I strongly encourage you to break it down with a structured defense strategy.

You can achieve a LINE OF SIGHT. You CAN match up your sensors with Business Concerns, but not directly.

* Identify your most important business concerns
* Work out defense strategies: PRIMARY, SECONDARY, PREVENTATIVE, REACTIVE

Once you specify your ACTUAL defenses, your sensors are OBVIOUS.

Continuous Application Security!

Expected, Actual, Application Portfolio, Application security dashboards

Translate expected into sensors

New Threats, Business Priorities

Talk about creating a cycle of evolve the model, deploy sensors, analyze results, make strategic decisions. This creates high-speed ITERATION and improvement.

This leaves the people to ACTUALLY figure out what they care about. Now you can have that principled discussion about whether to allow SHA-1. You'll have data about how many instances of SHA-1 you actually have, and how hard it will be to update.

We lose 90% of the intelligence we gain during a penetration test and we do it all over again next year.

Penetration tests are great at:

1) Identifying holes in the expected model
2) Figuring out how to test expected model
3) Defining (and maybe building) sensors

That's a business case for security.

How to Get Started

Later you can include in CI

Transforming AppSec

We will never improve if our only metric is whether we are doing what everyone else is doing

Close up with how we are transforming appsec the same way that new-relic transformed performance. Into something that ordinary folks can do themselves.

Thank You!

Please stop by the Contrast Security booth!

@planetlevel

Expected: Tracking Coverage

Infrastructure Security, Data Protection, Logging and Accountability, Secure Development, Security Verification, Incident Response

Minimal data collection

Strong encryption in storage and transit

* All external connections use SSL
* All internal connections use SSL
* SSL hardened according to OWASP
* All highly sensitive data encrypted
* Encryption uses standard control
* Encryption uses AES, no CBC or ECB

Universal authentication

Pervasive access control

Injection defenses

* Strict positive validation of all input
* Use of parameterized interfaces
* All parsers hardened
* XML parsers set to not use DOCTYPE
* Browser set no content sniffing header
* Etc
* Use Hibernate and secure coding
* Use JQuery and secure coding

Etc

Imagine this is your EXPECTED model

Now you have information from your sensors flooding in telling you that your DEFENSES are

* Present
* Correct
* Used Properly

Across your entire PORTFOLIO

Even if you start with a very small percentage of your expected model, that's work that you no longer have to do manually!

Enterprise Controls Dashboard

Columns: Expected Defense, Defense Present?, Defense Correct?, Applications Tested?, Training and Support

Expected defenses: Authentication, Authorization, Cryptography, Validation, Escaping, Tokens, Logging, Intrusion Detection, Random Numbers, Browser Security, Safe API Wrappers, Object Reference Management, Error Handling
space/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/bugtrackers/sbmTestSBMBugtrackerController.javaPRESENT@PreAuthorize("hasAnyRole('ROLE_BUGTRACKER_CREATE','ROLE_BUGTRACKER_EDIT')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/bugtrackers/sbmUpdateSBMBugtrackerController.javaPRESENT@PreAuthorize("hasRole('ROLE_BUGTRACKER_EDIT')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/bugtrackersSelectBugtrackerController.javaPRESENT@PreAuthorize("hasRole('ROLE_BUGTRACKER_CREATE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/consoleViewConsoleEventsController.javaPRESENT@PreAuthorize("hasRole('ROLE_CONSOLE_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/engineDeleteEngineConfigController.javaPRESENT@PreAuthorize("hasRole('ROLE_ENGINE_PROFILES')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/engineDownloadEngineController.javaPRESENT@PreAuthorize("hasRole('ROLE_ENGINE_DOWNLOAD')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/engineEngineConfigController.javaPRESENT@PreAuthorize("hasRole('ROLE_ENGINE_DOWNLOAD')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerInboxController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webap
p/controller/installationInstallationWizardController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerInviteAFriendController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesDeleteMessageController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesGetAvailableUsersController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesGetSystemMessagesController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesNewSystemMessageController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesNewUserMessageController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/messagesReplyUserMessageController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationAuditController.javaPRESENT@PreAuthorize("hasRole('ROLE_AUDIT_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/web
app/controller/organizationCoverageSetupController.javaPRESENT@PreAuthorize("hasRole('ROLE_COVERAGE_SETUP')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationEngineActivityController.javaPRESENT@PreAuthorize("hasRole('ROLE_ENGINE_ACTIVITY')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationLibrarySearchController.javaPRESENT@PreAuthorize("hasRole('ROLE_LIBRARY_SEARCH')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationOrganizationInfoController.javaPRESENT@PreAuthorize("hasRole('ROLE_ORG_INFO')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationOrganizationIpRangeController.javaPRESENT@PreAuthorize("hasRole('ROLE_ORG_IPRANGE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationPasswordPolicyController.javaPRESENT@PreAuthorize("hasRole('ROLE_ORG_POLICY')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/organizationSessionTimeoutController.javaPRESENT@PreAuthorize("hasRole('ROLE_SESSION_TIMEOUTS')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerReportingController.javaPRESENT@PreAuthorize("hasRole('ROLE_REPORTING')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerReportIssueController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/
Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerReportIssueSuccessController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevelsDownloadRuleLevelController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/dynamicdsBuildDynamicDataSourceController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/dynamicdsGetDynamicDataSourcesController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/dynamicdsMoveToAppDynamicDataSourceController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_EDITCUSTOMER')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/dynamicdsPromoteDynamicDataSourceController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevelsEditRuleLevelController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/propagatorsGetPropagatorsController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src
/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/propagatorsMoveToAppPropagatorController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_EDITCUSTOMER')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/propagatorsPromotePropagatorController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesBuildRuleController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesBuildRuleCustomizeController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesCopyRuleController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesDeleteCustomizeRuleController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesGetRuleCustomizeController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_VIEW',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesGetRulesController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/E
clipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesMoveToAppRuleController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_EDITCUSTOMER')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/rulesPromoteRuleController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/taglistsGetTagListsController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/taglistsMoveToAppTagListController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_EDITCUSTOMER')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/taglistsPromoteTagListController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROLE_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/udsGetUntrustedDataSourcesController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/udsMoveToAppUDSController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_EDITCUSTOMER')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevels/udsPromoteUDSController.javaPRESENT@PreAuthorize("checkRuleLevelRole('ROL
E_RULELEVEL_EDITAPP',#form.ruleLevel)")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevelsUpdateRuleLevelController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevelsUploadRuleLevelController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVELS_BROWSE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/rulelevelsViewRuleLevelController.javaPRESENT@PreAuthorize("hasRole('ROLE_RULELEVEL_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/securityApiKeyController.javaPRESENT@PreAuthorize("hasAnyRole('ROLE_SECURITY_APIKEY_ROTATE', 'ROLE_SECURITY_APIKEY_GET')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/serversBrowseServersController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/serversDeleteServerController.javaPRESENT@PreAuthorize("hasRole('ROLE_SERVER_DELETE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/serversUpdateServerTagController.javaPRESENT@PreAuthorize("hasRole('ROLE_SERVER_TAG')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopConfirmChargesController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/
java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopCreditCardCheckoutController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopDiscountCheckoutController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopOfflineCheckoutController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopPayPalCheckoutController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopSendBillCheckoutController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/shopShoppingHomeController.javaPRESENT@PreAuthorize("canMakeShoppingOperations()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/appsAppsController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/appsUpdateAppLicenseController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/dedicatedserversSuperadminDedicatedServersController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Doc
uments/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/intelligenceIntelligenceHomeController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/intelligencePackagesController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/intelligenceSuperadminDashboardController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/intelligenceSuperadminEngineActivityController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/organizationAddOrganizationController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/organizationDeleteOrganizationController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/organizationEditOrganizationController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/organizationManageOrganizationController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/or
ganizationOrganizationsController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/organizationUpdateOrganizationStatusController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/settingsSuperadminConfigController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/settingsSuperadminLogLevelController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/settingsSuperadminSettingsController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/settingsSuperadminTrialActivationController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/setupSetupController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadminSuperadminHomeController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadminSuperadminReloadAppController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/cont
rast/teamserver/webapp/controller/superadmin/tracesSuperadminRecalculateTraceTitlesController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/updateSuperadminDownloadUpdateController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/updateTeamServerUpdateSettingsController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/superadmin/usersSuperadminUsersController.javaPRESENT@PreAuthorize("isAdmin()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersAccountUserController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersBrowseUsersController.javaPRESENT@PreAuthorize("hasRole('ROLE_USERS_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersDeleteUserController.javaPRESENT@PreAuthorize("hasRole('ROLE_USER_DELETE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersNewUserController.javaPRESENT@PreAuthorize("hasRole('ROLE_USER_CREATE')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersResendNewUserController.javaPRESENT@PreAuthorize("hasRole('ROLE_USERS_VIEW')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/con
trast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersUpdateAccountPasswordController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersUpdateExpiredPasswordController.javaPRESENT@PreAuthorize("isAuthenticated()")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controller/usersUpdateUserController.javaPRESENT@PreAuthorize("hasRole('ROLE_USER_EDIT')")/Users/jwilliams/Documents/Eclipse/contrast-workspace/contrast-teamserver/src/main/java/com/aspectsecurity/contrast/teamserver/webapp/controllerWelcomeController.javaPRESENT@PreAuthorize("isAuthenticated()")

Sheet2ROLE_APPLICATION_DELETEROLE_APPLICATION_GROUPROLE_APPLICATION_REETROLE_TRACES_DELETEROLE_TRACES_SENDMAILROLE_TRACE_SEARCHROLE_ENGINE_DOWNLOADROLE_ENGINE_PROFILESROLE_CONSOLE_VIEWROLE_BUGTRACKER_VIEWROLE_BUGTRACKER_CREATEROLE_BUGTRACKER_DELETEROLE_AUDIT_VIEWROLE_ENGINE_ACTIVITYROLE_LIBRARY_SEARCHTracesGetBugtrackersController.javaOTracesGetUsersController.javaOTracesJIRAExportController.javaOTracesMergeController.javaOTracesSaveStatusController.javaOTracesSearchController.javaOTracesSendToBugtrackersController.javaTracesTreeController.javaOTracesViewerController.javaOTraceViewerWorkingNotificationController.javaOViewTracesController.javaOUpdateAppConfigurationController.javaOBannerController.javaOBillingAccountActivityController.javaOOBillingApplyPaymentController.javaOBillingAppsController.javaOBillingExecuteOrderController.javaOBillingOrdersController.javaBillingOrganizationsController.javaBillingSearchOrganizationController.javaBillingStatementsController.javaBrowseBugtrackersController.javaBugtrackerRedirectorController.javaNewBugzillaBugtrackerController.javaTestBugzillaBugtrackerController.javaUpdateBugzillaBugtrackerController.javaDeleteBugtrackerController.javaNewJiraBugtrackerController.javaTestJiraBugtrackerController.javaUpdateJiraBugtrackerController.javaNewSBMBugtrackerController.javaTestSBMBugtrackerController.javaUpdateSBMBugtrackerController.javaSelectBugtrackerController.javaViewConsoleEventsController.javaDeleteEngineConfigController.javaDownloadEngineController.javaEngineConfigController.javaInboxController.javaInstallationWizardController.javaInviteAFriendController.javaDeleteMessageController.javaGetAvailableUsersController.javaGetSystemMessagesController.javaNewSystemMessageController.javaNewUserMessageController.javaReplyUserMessageController.javaAuditController.javaCoverageSetupController.javaEngineActivityController.javaLibrarySearchController.javaOrganizationInfoController.javaOrganizationIpRangeController.javaPasswordPolicyController.
javaSessionTimeoutController.java