Chitra Elango is a Cyber Security Manager leading the Application Security program at Fannie Mae. Before moving into Application Security field, she had 15+ years of experience as a software developer, which gives her insight into how development teams operate at Fannie Mae. This enabled her to play a key role in introducing security to the existing service delivery pipeline and establishing a true DevSecOps model at Fannie Mae that supports greater business agility and provides assurance in the overall security of the delivered product. She was a driving force in aligning software security and business needs by empowering and enabling developers to identify software security vulnerabilities during active development cycles.
Session: Fannie Mae's DevSecOps Journey + SAST and DAST in Continuous Integration Deep Dive
Fannie Mae partners with lenders to create housing opportunities for families across the country – and helps make the 30-year fixed-rate mortgage and affordable rental housing possible for millions of Americans. To support this mission, Fannie Mae must support robust security practices throughout the organization. For years, Fannie Mae has aimed toward: 1) conducting cyber security assessments earlier in the development lifecycle; and 2) engaging business partners in the review and mitigation of cyber security risks. Through DevSecOps, Fannie Mae has now reached that goal – and stakeholders from development, operations, and cyber security now monitor, analyze, test, and proactively determine and fix vulnerabilities earlier in the development lifecycle. Join us for this session to see how DevSecOps has helped to dramatically reduce the vulnerabilities at Fannie Mae. Furthermore, take a few extra minutes for a deep dive in static and dynamic code analysis practices within continuous Integration.